[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2011-0321Date: (C)2011-02-01   (M)2023-12-22


librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.4
Exploit Score: 10.0
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1025010
http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html
SECUNIA-43113
BID-46044
OSVDB-70686
ADV-2011-0241
http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt
networker-librpc-security-bypass(64997)

CPE    27
cpe:/a:emc:networker:7.2
cpe:/a:emc:networker:7.5:sp2
cpe:/a:emc:networker:7.0
cpe:/a:emc:networker:6.1
...
CWE    1
CWE-264
OVAL    1
oval:org.secpod.oval:def:1100061

© SecPod Technologies