Page 4 of 19 results (0.031 seconds)

CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0

The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. El servidor de la consola de administración del EMC NetWorker (antiguamente el Legato NetWorker) 7.3.2 anterior a la actualización 1 del Jumbo, utiliza una autenticación débil, lo que permite a atacantes remotos ejecutar comandos de su elección. • ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt http://osvdb.org/33853 http://secunia.com/advisories/24362 http://www.kb.cert.org/vuls/id/498553 http://www.kb.cert.org/vuls/id/MIMG-6VMLWA http://www.securityfocus.com/bid/22789 http://www.securitytracker.com/id?1017724 http://www.vupen.com/english/advisories/2007/0816 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. Legato NetWorker 6.1 almacena passwords en texto plano en el fichero daemon.log que permite a usuarios locales tomar privilegios leyendo las passwords del fichero. • http://online.securityfocus.com/archive/1/249420 http://www.iss.net/security_center/static/7898.php http://www.securityfocus.com/bid/3842 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. Legato Networker 6.1 almacena ficheros de registro en el directorio /nsr/logs/ con permisos de lectura para todos los usuarios, lo que permite a usuarios locales leer información sensible y posiblemente ganar privilegios. • http://online.securityfocus.com/archive/1/249420 http://www.iss.net/security_center/static/7897.php http://www.securityfocus.com/bid/3840 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup. • http://marc.info/?l=bugtraq&m=100638782917917&w=2 http://www.securityfocus.com/bid/3564 https://exchange.xforce.ibmcloud.com/vulnerabilities/7601 •