Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup.
Max CVSS
7.5
EPSS Score
0.80%
Published
2001-11-21
Updated
2017-12-19
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
Max CVSS
7.5
EPSS Score
0.40%
Published
2005-08-23
Updated
2017-07-11
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
Max CVSS
7.5
EPSS Score
3.26%
Published
2005-08-23
Updated
2017-07-11
eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file.
Max CVSS
7.5
EPSS Score
0.39%
Published
2005-07-11
Updated
2016-10-18
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.
Max CVSS
7.5
EPSS Score
0.66%
Published
2005-07-11
Updated
2016-10-18
Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
Max CVSS
7.5
EPSS Score
13.01%
Published
2005-12-31
Updated
2017-07-11
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog.
Max CVSS
7.2
EPSS Score
0.04%
Published
2006-05-03
Updated
2017-07-20
Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.
Max CVSS
7.5
EPSS Score
86.87%
Published
2006-05-16
Updated
2018-10-18
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
Max CVSS
7.8
EPSS Score
3.24%
Published
2008-02-21
Updated
2018-10-15
SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field.
Max CVSS
7.5
EPSS Score
0.92%
Published
2008-07-30
Updated
2017-08-08
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files.
Max CVSS
7.8
EPSS Score
3.65%
Published
2008-12-10
Updated
2018-10-11
nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests.
Max CVSS
7.8
EPSS Score
3.76%
Published
2009-02-20
Updated
2018-10-11
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP.
Max CVSS
7.1
EPSS Score
2.09%
Published
2010-05-28
Updated
2014-05-05
Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4.0.x before 4.0.1 epatch 4 allows remote attackers to cause a denial of service (communication-module crash) by sending a crafted message through TCP.
Max CVSS
7.8
EPSS Score
3.26%
Published
2010-08-02
Updated
2017-08-17
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.
Max CVSS
7.2
EPSS Score
0.06%
Published
2011-03-28
Updated
2018-10-09
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain.
Max CVSS
7.7
EPSS Score
0.20%
Published
2011-09-19
Updated
2017-08-17
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not prevent reuse of authentication information during a session, which allows remote authenticated users to bypass intended access restrictions via vectors related to knowledge of the originally used authentication information and unspecified other session information.
Max CVSS
7.5
EPSS Score
0.37%
Published
2011-08-18
Updated
2018-10-09
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP.
Max CVSS
7.9
EPSS Score
8.37%
Published
2011-08-23
Updated
2018-10-09
EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.38%
Published
2012-03-15
Updated
2012-03-15
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.
Max CVSS
7.8
EPSS Score
2.35%
Published
2012-04-20
Updated
2012-08-14
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets.
Max CVSS
7.5
EPSS Score
92.47%
Published
2012-06-01
Updated
2012-10-30
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via input data that (1) lacks FIPS fields or (2) has an invalid version number.
Max CVSS
7.8
EPSS Score
6.56%
Published
2012-05-14
Updated
2017-08-29
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.
Max CVSS
7.8
EPSS Score
3.26%
Published
2012-05-14
Updated
2017-08-29
EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via unspecified vectors.
Max CVSS
7.5
EPSS Score
5.28%
Published
2012-08-26
Updated
2013-02-14
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack.
Max CVSS
7.2
EPSS Score
0.04%
Published
2013-01-21
Updated
2013-01-22
81 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!