6.4

CVE-2005-0359

The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EmcLegato Networker Version4.2.2
EmcLegato Networker Version6.0
EmcLegato Networker Version6.1
EmcLegato Networker Version7.2
EmcLegato Networker Version7.13
SunSolstice Backup Version6.0
SunSolstice Backup Version6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.29% 0.898
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/16464
Patch
Vendor Advisory
http://secunia.com/advisories/16470
Vendor Advisory
http://securitytracker.com/id?1014713
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1
Patch
Vendor Advisory
http://www.securityfocus.com/bid/14582
Patch
http://www.kb.cert.org/vuls/id/801089
Patch
Third Party Advisory
US Government Resource
http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm
Patch
http://www.osvdb.org/18802
https://exchange.xforce.ibmcloud.com/vulnerabilities/21893