CVSS: 9.0EPSS: 2%CPEs: 18EXPL: 0CVE-2017-15549 – EMC Avamar Server / NetWorker Virtual Edition / Integrated Data Protection Applianc Bypass / Upload / Traversal
https://notcve.org/view.php?id=CVE-2017-15549
05 Jan 2018 — An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system. Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data... • http://seclists.org/fulldisclosure/2018/Jan/17 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 4%CPEs: 18EXPL: 0CVE-2017-15550 – EMC Avamar Server / NetWorker Virtual Edition / Integrated Data Protection Applianc Bypass / Upload / Traversal
https://notcve.org/view.php?id=CVE-2017-15550
05 Jan 2018 — An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal. Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2... • http://seclists.org/fulldisclosure/2018/Jan/17 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 0CVE-2017-15548 – EMC Avamar Server / NetWorker Virtual Edition / Integrated Data Protection Applianc Bypass / Upload / Traversal
https://notcve.org/view.php?id=CVE-2017-15548
05 Jan 2018 — An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems. Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection A... • http://seclists.org/fulldisclosure/2018/Jan/17 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-2284 – EMC NMM Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2012-2284
12 Oct 2012 — The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. El proceso del (1) instalación and (2) actualización en EMC NetWorker Module para Microsoft Applications (NMM) v2.2.1, v2.3 anterior al build v122, y v2.4 anterior al build v375, cuando el Exchange Server es usado, permite a usuarios locales... • http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 32%CPEs: 29EXPL: 2CVE-2009-2754 – Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-2754
01 Mar 2010 — Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. Error de entero sin signo en la funcionalidad de autenticación en librpc.dll en Informix Storage Manager (ISM) Portmap... • https://packetstorm.news/files/id/88185 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 2%CPEs: 18EXPL: 0CVE-2008-6219
https://notcve.org/view.php?id=CVE-2008-6219
20 Feb 2009 — nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple craf... • http://secunia.com/advisories/32383 • CWE-399: Resource Management Errors •