CVE-2005-0359
6.4
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:P
Exploitability: 10.0 / Impact: 4.9
Source: NVD
Description
The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
Affected (10)
Products: Emc: Legato Networker · Sun: Solstice Backup, Storedge Enterprise Backup Software
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.2.2 | |
| Version 6.0 | |
| Version 7.0 |
References (18)
Source: cret@cert.org
PatchVendor Advisory
Source: cret@cert.org
PatchThird Party AdvisoryUS Government Resource
Source: cret@cert.org
Patch
Source: cret@cert.org
Source: cret@cert.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.