7.5

CVE-2005-3658

Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
EmcLegato Networker Version7.1.1
EmcLegato Networker Version7.1.2
EmcLegato Networker Version7.1.3
EmcLegato Networker Version7.2
EmcLegato Networker Version7.2.1
EmcLegato Networker Version7.2_build172
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.15% 0.914
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT
http://secunia.com/advisories/18495
Patch
Vendor Advisory
http://secunia.com/advisories/18615
Patch
Vendor Advisory
http://securitytracker.com/id?1015500
Patch
http://securitytracker.com/id?1015545
Patch
http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373
Patch
Vendor Advisory
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374
Patch
Vendor Advisory
http://www.legato.com/support/websupport/product_alerts/011606_NW.htm
http://www.securityfocus.com/bid/16275
Patch
http://www.vupen.com/english/advisories/2006/0233
Vendor Advisory
http://www.vupen.com/english/advisories/2006/0343
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24174
https://exchange.xforce.ibmcloud.com/vulnerabilities/24175