Emc

Networker

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2013-0940

  • EPSS 0.03%
  • Veröffentlicht 03.05.2013 11:57:41
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

9.3

CVE-2012-4607

  • EPSS 10.15%
  • Veröffentlicht 17.01.2013 22:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.

9.3

CVE-2012-2288

  • EPSS 68.89%
  • Veröffentlicht 04.09.2012 11:04:48
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.

9.3

CVE-2012-0395

  • EPSS 4.57%
  • Veröffentlicht 27.01.2012 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.

6.9

CVE-2011-1421

  • EPSS 0.05%
  • Veröffentlicht 22.04.2011 10:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.

6.4

CVE-2011-0321

  • EPSS 1.35%
  • Veröffentlicht 01.02.2011 18:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregis...

10

CVE-2006-3892

  • EPSS 9.45%
  • Veröffentlicht 02.03.2007 21:18:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.

4.6

CVE-2002-0114

  • EPSS 0.07%
  • Veröffentlicht 25.03.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1...

4.6

CVE-2002-0113

  • EPSS 0.05%
  • Veröffentlicht 25.03.2002 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reporte...

7.5

CVE-2001-0910

  • EPSS 0.35%
  • Veröffentlicht 21.11.2001 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be...