CVE-2017-15548
https://notcve.org/view.php?id=CVE-2017-15548
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems. Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario remoto malicioso no autenticado puede omitir la autenticación de la aplicación y obtener acceso root no autorizado a los sistemas afectados. • http://seclists.org/fulldisclosure/2018/Jan/17 http://www.securityfocus.com/bid/102352 http://www.securitytracker.com/id/1040070 • CWE-287: Improper Authentication •
CVE-2017-15549
https://notcve.org/view.php?id=CVE-2017-15549
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could potentially upload arbitrary maliciously crafted files in any location on the server file system. Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario remoto malicioso con bajos privilegios podría cargar archivos arbitrarios maliciosamente manipulados en cualquier ubicación del sistema de archivos del servidor. • http://seclists.org/fulldisclosure/2018/Jan/17 http://www.securityfocus.com/bid/102363 http://www.securitytracker.com/id/1040070 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2017-15550
https://notcve.org/view.php?id=CVE-2017-15550
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote authenticated malicious user with low privileges could access arbitrary files on the server file system in the context of the running vulnerable application via Path traversal. Se ha descubierto un problema en EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x y EMC Integrated Data Protection Appliance 2.0. Un usuario autenticado remoto malicioso con bajos privilegios podría acceder a archivos arbitrarios en el sistema de archivos del servidor en el contexto de la aplicación vulnerable en ejecución mediante un salto de directorio. • http://seclists.org/fulldisclosure/2018/Jan/17 http://www.securityfocus.com/bid/102358 http://www.securitytracker.com/id/1040070 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2012-2284
https://notcve.org/view.php?id=CVE-2012-2284
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. El proceso del (1) instalación and (2) actualización en EMC NetWorker Module para Microsoft Applications (NMM) v2.2.1, v2.3 anterior al build v122, y v2.4 anterior al build v375, cuando el Exchange Server es usado, permite a usuarios locales leer las credenciales del administrador en texto plano mediante vectores desconocidos vectors. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html http://osvdb.org/86157 http://secunia.com/advisories/50957 http://www.securityfocus.com/bid/55883 http://www.securitytracker.com/id?1027647 • CWE-255: Credentials Management Errors •
CVE-2009-2754 – Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-2754
Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. Error de entero sin signo en la funcionalidad de autenticación en librpc.dll en Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), tal y como se utiliza en IBM Informix Dynamic Server (IDS) v10.x anteriores a la v10.00.TC9 y v11.x anteriores a v11.10.TC3 y EMC Legato NetWorker, permite a atacantes remotos ejecutar código arbitrario a través de un parámetro manipulado en tamaño que inicia un desbordamiento de búfer basado en la pila. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of a proper signedness check on a supplied parameter size can result in exploitable stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user. • https://www.exploit-db.com/exploits/12109 http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834 http://secunia.com/advisories/38731 http://www.ibm.com/support/docview.wss?uid=swg1IC55329 http://www.ibm.com/support/docview.wss?uid=swg1IC55330 http://www.securityfocus.com/archive/1/509793/100/0/threaded http://www.securityfocus.com/bid/38472 http://www.vupen.com/english/advisories/2010/0508 http://www.vupen.com/english/advisories/2010/0509 http:/ • CWE-189: Numeric Errors •