CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 0CVE-2005-0358
https://notcve.org/view.php?id=CVE-2005-0358
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token. • http://secunia.com/advisories/16464 http://secunia.com/advisories/16470 http://securitytracker.com/id?1014713 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1 http://www.kb.cert.org/vuls/id/407641 http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm http://www.osvdb.org/18801 http://www.securityfocus.com/bid/14582 https://exchange.xforce.ibmcloud.com/vulnerabilities/21892 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2005-0357
https://notcve.org/view.php?id=CVE-2005-0357
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID. • http://secunia.com/advisories/16464 http://secunia.com/advisories/16470 http://securitytracker.com/id?1014713 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1 http://www.kb.cert.org/vuls/id/606857 http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm http://www.osvdb.org/18800 http://www.securityfocus.com/bid/14582 https://exchange.xforce.ibmcloud.com/vulnerabilities/21887 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 1CVE-2005-2358
https://notcve.org/view.php?id=CVE-2005-2358
EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot). • http://secunia.com/advisories/16344 http://securitytracker.com/id?1014629 http://www.idefense.com/application/poi/display?id=288&type=vulnerabilities&flashstatus=true http://www.securityfocus.com/bid/14487 •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 1CVE-2005-2357 – EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure
https://notcve.org/view.php?id=CVE-2005-2357
Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. • https://www.exploit-db.com/exploits/26101 http://secunia.com/advisories/16344 http://securitytracker.com/id?1014629 http://www.idefense.com/application/poi/display?id=288&type=vulnerabilities&flashstatus=true http://www.securityfocus.com/bid/14487 https://exchange.xforce.ibmcloud.com/vulnerabilities/21726 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2005-2185
https://notcve.org/view.php?id=CVE-2005-2185
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks. • http://marc.info/?l=bugtraq&m=112069267700034&w=2 •