CVE-2011-0321
Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.
librpc.dll en nsrexecd de EMC NetWorker en versiones anteriores a 7.5 SP4, 7.5.3.x anteriores a 7.5.3.5, y 7.6.x anteriores a 7.6.1.2 no mitiga apropiadamente la posibilidad de suplantar una dirección IP de fuente localhost, lo que permite a atacantes remotos (1) registrar o (2) desregistrar servicios RPC, y consecuentemente provocar una denegación de servicio u obtener información confidencial de comunicación entre procesos ("interprocess communication") a través de paquetes UDP modificados que contengan comandos de servicio.
This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability.
The flaw exists within the librpc.dll component which listens by default on UDP port 111. When handling the pmap_set request the process verifies the source address is "127.0.0.1". This communication is via UDP and a valid source address is not required, a udp packet from source address "127.0.0.1" can be created sent to this service allowing a remote attacker to register and unregister RPC services. A remote attack can use this vulnerability to create a denial of service condition or eavesdrop on process communications.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-01-06 CVE Reserved
- 2011-01-27 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html | Mailing List | |
| http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt | X_refsource_confirm | |
| http://securitytracker.com/id?1025010 | Vdb Entry | |
| http://www.osvdb.org/70686 | Vdb Entry | |
| http://www.securityfocus.com/bid/46044 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64997 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/43113 | 2017-08-17 | |
| http://www.vupen.com/english/advisories/2011/0241 | 2017-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | <= 7.5 Search vendor "Emc" for product "Networker" and version " <= 7.5" | sp3 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 6.0 Search vendor "Emc" for product "Networker" and version "6.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 6.1 Search vendor "Emc" for product "Networker" and version "6.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.0 Search vendor "Emc" for product "Networker" and version "7.0" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.2 Search vendor "Emc" for product "Networker" and version "7.2" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.3 Search vendor "Emc" for product "Networker" and version "7.3" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.4 Search vendor "Emc" for product "Networker" and version "7.4" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.4 Search vendor "Emc" for product "Networker" and version "7.4" | sp1 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.4 Search vendor "Emc" for product "Networker" and version "7.4" | sp2 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.4 Search vendor "Emc" for product "Networker" and version "7.4" | sp3 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.4 Search vendor "Emc" for product "Networker" and version "7.4" | sp4 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.4 Search vendor "Emc" for product "Networker" and version "7.4" | sp5 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5 Search vendor "Emc" for product "Networker" and version "7.5" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5 Search vendor "Emc" for product "Networker" and version "7.5" | sp1 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5 Search vendor "Emc" for product "Networker" and version "7.5" | sp2 |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5.3.1 Search vendor "Emc" for product "Networker" and version "7.5.3.1" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5.3.2 Search vendor "Emc" for product "Networker" and version "7.5.3.2" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5.3.3 Search vendor "Emc" for product "Networker" and version "7.5.3.3" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.5.3.4 Search vendor "Emc" for product "Networker" and version "7.5.3.4" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.2 Search vendor "Emc" for product "Networker" and version "7.6.0.2" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.3 Search vendor "Emc" for product "Networker" and version "7.6.0.3" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.4 Search vendor "Emc" for product "Networker" and version "7.6.0.4" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.5 Search vendor "Emc" for product "Networker" and version "7.6.0.5" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.6 Search vendor "Emc" for product "Networker" and version "7.6.0.6" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.7 Search vendor "Emc" for product "Networker" and version "7.6.0.7" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.8 Search vendor "Emc" for product "Networker" and version "7.6.0.8" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.0.9 Search vendor "Emc" for product "Networker" and version "7.6.0.9" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Networker Search vendor "Emc" for product "Networker" | 7.6.1.1 Search vendor "Emc" for product "Networker" and version "7.6.1.1" | - |
Affected
| ||||||