Page 5 of 23 results (0.003 seconds)

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. Legato NetWorker 6.1 almacena passwords en texto plano en el fichero daemon.log que permite a usuarios locales tomar privilegios leyendo las passwords del fichero. • http://online.securityfocus.com/archive/1/249420 http://www.iss.net/security_center/static/7898.php http://www.securityfocus.com/bid/3842 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. Legato Networker 6.1 almacena ficheros de registro en el directorio /nsr/logs/ con permisos de lectura para todos los usuarios, lo que permite a usuarios locales leer información sensible y posiblemente ganar privilegios. • http://online.securityfocus.com/archive/1/249420 http://www.iss.net/security_center/static/7897.php http://www.securityfocus.com/bid/3840 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup. • http://marc.info/?l=bugtraq&m=100638782917917&w=2 http://www.securityfocus.com/bid/3564 https://exchange.xforce.ibmcloud.com/vulnerabilities/7601 •