CVSS: 10.0EPSS: 96%CPEs: 6EXPL: 1CVE-2011-0647 – EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0647
The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542. El servicio irccd.exe en EMC Replication Manager Client anterior de v5.3 y NetWorker Module para Microsoft Applications v2.1.x y v2.2.x permite a atacantes remotos ejecutar comandos de su elección a través de la función RunProgram al puerto TCP 6542. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The Replication Manager client installs a service binds the irccd.exe process to TCP port 6542. This service accepts commands using an XML-based protocol. • https://www.exploit-db.com/exploits/41704 http://osvdb.org/70853 http://secunia.com/advisories/43164 http://www.securityfocus.com/archive/1/516260 http://www.securityfocus.com/archive/1/516282/100/0/threaded http://www.securityfocus.com/bid/46235 http://www.vupen.com/english/advisories/2011/0304 http://www.zerodayinitiative.com/advisories/ZDI-11-061 https://exchange.xforce.ibmcloud.com/vulnerabilities/65205 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 2%CPEs: 28EXPL: 0CVE-2011-0321 – Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2011-0321
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. librpc.dll en nsrexecd de EMC NetWorker en versiones anteriores a 7.5 SP4, 7.5.3.x anteriores a 7.5.3.5, y 7.6.x anteriores a 7.6.1.2 no mitiga apropiadamente la posibilidad de suplantar una dirección IP de fuente localhost, lo que permite a atacantes remotos (1) registrar o (2) desregistrar servicios RPC, y consecuentemente provocar una denegación de servicio u obtener información confidencial de comunicación entre procesos ("interprocess communication") a través de paquetes UDP modificados que contengan comandos de servicio. This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The flaw exists within the librpc.dll component which listens by default on UDP port 111. When handling the pmap_set request the process verifies the source address is "127.0.0.1". This communication is via UDP and a valid source address is not required, a udp packet from source address "127.0.0.1" can be created sent to this service allowing a remote attacker to register and unregister RPC services. • http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt http://secunia.com/advisories/43113 http://securitytracker.com/id?1025010 http://www.osvdb.org/70686 http://www.securityfocus.com/bid/46044 http://www.vupen.com/english/advisories/2011/0241 https://exchange.xforce.ibmcloud.com/vulnerabilities/64997 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 13%CPEs: 1EXPL: 2CVE-2010-2860 – EMC Celerra NAS Appliance - Unauthorized Access to Root NFS Export
https://notcve.org/view.php?id=CVE-2010-2860
The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. El dispositivo EMC Celerra Network Attached Storage (NAS) acepta tráfico de red externo en direcciones IP pretendidas para una intranet con el dispositivo, lo que permite a atacantes remotos leer, crear o odificar ficheros de su elección en el directorio de datos de usuari a través de peticiones NFS. • https://www.exploit-db.com/exploits/14536 http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0018.html http://securitytracker.com/id?1024271 http://www.exploit-db.com/exploits/14536 http://www.securityfocus.com/archive/1/512823/100/0/threaded http://www.securityfocus.com/archive/1/513564/100/0/threaded http://www.securityfocus.com/bid/42134 http://www.vupen.com/english/advisories/2010/2337 https://exchange.xforce.ibmcloud.com/vulnerabilities/60885 https://www.trustwav • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 3%CPEs: 7EXPL: 0CVE-2010-2633
https://notcve.org/view.php?id=CVE-2010-2633
Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP. Vulnerabilidad no especificada en EMC Disk Library (EDL) en versiones anteriores a la 3.2.7, 3.3.x en versiones anteriores a la 3.3.2 epatch 8 y 4.0.x en versiones anteriores a la 4.0.1 epatch 4 permite a atacantes remotos provocar una denegación de servicio (caída del módulo de comunicación) mediante el envío de un mensaje manipulado a través de TCP. • http://archives.neohapsis.com/archives/bugtraq/2010-07/0272.html http://osvdb.org/66826 http://secunia.com/advisories/40828 http://securitytracker.com/id?1024265 http://www.securityfocus.com/bid/42105 http://www.vupen.com/english/advisories/2010/1969 https://exchange.xforce.ibmcloud.com/vulnerabilities/60853 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2010-1904 – RSA Key Manager 1.5.x SQL Injection
https://notcve.org/view.php?id=CVE-2010-1904
SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. Una vulnerabilidad de inyección SQL en EMC RSA Key Manager Client v1.5.x permite ejecutar comandos SQL a atacantes remotos ayudados por un usuario local a través de la sección metadata de los datos de una clave cifrada. RSA Key Manager version 1.5.x suffers from a remote SQL injection vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0078.html http://seclists.org/bugtraq/2011/Jan/138 http://secunia.com/advisories/43057 http://www.securityfocus.com/archive/1/511654/100/0/threaded http://www.securityfocus.com/bid/40553 http://www.securitytracker.com/id?1024059 http://www.securitytracker.com/id?1024989 http://www.vupen.com/english/advisories/2011/0206 https://exchange.xforce.ibmcloud.com/vulnerabilities/59133 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •