Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for legato_networker by emc

    CVE-2009-2754 (GCVE-0-2009-2754)

    Vulnerability from nvd – Published: 2010-03-05 16:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-03-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:57.150Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "38731",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38731"
              },
              {
                "name": "20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509793/100/0/threaded"
              },
              {
                "name": "ADV-2010-0508",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0508"
              },
              {
                "name": "IC55329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329"
              },
              {
                "name": "IC55330",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-023"
              },
              {
                "name": "ibm-ids-portmap-bo(56586)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56586"
              },
              {
                "name": "ADV-2010-0509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834"
              },
              {
                "name": "38472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38472"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-03-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "38731",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38731"
            },
            {
              "name": "20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509793/100/0/threaded"
            },
            {
              "name": "ADV-2010-0508",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0508"
            },
            {
              "name": "IC55329",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329"
            },
            {
              "name": "IC55330",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-023"
            },
            {
              "name": "ibm-ids-portmap-bo(56586)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56586"
            },
            {
              "name": "ADV-2010-0509",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834"
            },
            {
              "name": "38472",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38472"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2754",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "38731",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38731"
                },
                {
                  "name": "20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509793/100/0/threaded"
                },
                {
                  "name": "ADV-2010-0508",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0508"
                },
                {
                  "name": "IC55329",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329"
                },
                {
                  "name": "IC55330",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-023",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-023"
                },
                {
                  "name": "ibm-ids-portmap-bo(56586)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56586"
                },
                {
                  "name": "ADV-2010-0509",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0509"
                },
                {
                  "name": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834",
                  "refsource": "CONFIRM",
                  "url": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834"
                },
                {
                  "name": "38472",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38472"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2754",
        "datePublished": "2010-03-05T16:00:00.000Z",
        "dateReserved": "2009-08-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:57.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3618 (GCVE-0-2007-3618)

    Vulnerability from nvd – Published: 2007-08-21 21:00 – Updated: 2024-08-07 14:21
    VLAI
    Summary
    Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3043 third-party-advisoryx_refsource_SREASON
    http://www.zerodayinitiative.com/advisories/ZDI-0… x_refsource_MISC
    http://www.vupen.com/english/advisories/2007/2931 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/477172/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/26517 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/25375 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/39744 vdb-entryx_refsource_OSVDB
    http://www.securitytracker.com/id?1018590 vdb-entryx_refsource_SECTRACK
    Date Public
    2007-08-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:21:36.465Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3043",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3043"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html"
              },
              {
                "name": "ADV-2007-2931",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2931"
              },
              {
                "name": "20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/477172/100/0/threaded"
              },
              {
                "name": "26517",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26517"
              },
              {
                "name": "25375",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25375"
              },
              {
                "name": "networker-nsrexecd-bo(36123)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36123"
              },
              {
                "name": "39744",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39744"
              },
              {
                "name": "1018590",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018590"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a \"long invalid subcmd.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3043",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3043"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html"
            },
            {
              "name": "ADV-2007-2931",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2931"
            },
            {
              "name": "20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/477172/100/0/threaded"
            },
            {
              "name": "26517",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26517"
            },
            {
              "name": "25375",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25375"
            },
            {
              "name": "networker-nsrexecd-bo(36123)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36123"
            },
            {
              "name": "39744",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39744"
            },
            {
              "name": "1018590",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018590"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3618",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a \"long invalid subcmd.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3043",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3043"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html"
                },
                {
                  "name": "ADV-2007-2931",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2931"
                },
                {
                  "name": "20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/477172/100/0/threaded"
                },
                {
                  "name": "26517",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26517"
                },
                {
                  "name": "25375",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25375"
                },
                {
                  "name": "networker-nsrexecd-bo(36123)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36123"
                },
                {
                  "name": "39744",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39744"
                },
                {
                  "name": "1018590",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018590"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3618",
        "datePublished": "2007-08-21T21:00:00.000Z",
        "dateReserved": "2007-07-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:21:36.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3659 (GCVE-0-2005-3659)

    Vulnerability from nvd – Published: 2006-01-18 02:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015545 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/18615 third-party-advisoryx_refsource_SECUNIA
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://www.vupen.com/english/advisories/2006/0343 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/18495 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015500 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/16275 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/0233 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/searchproxy/document.do?a… vendor-advisoryx_refsource_SUNALERT
    ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa8… x_refsource_CONFIRM
    Date Public
    2006-01-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.442Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015545",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015545"
              },
              {
                "name": "18615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18615"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
              },
              {
                "name": "20060117 EMC Legato Networker nsrd.exe DoS Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375"
              },
              {
                "name": "ADV-2006-0343",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0343"
              },
              {
                "name": "18495",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18495"
              },
              {
                "name": "1015500",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015500"
              },
              {
                "name": "16275",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16275"
              },
              {
                "name": "ADV-2006-0233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0233"
              },
              {
                "name": "legato-nsrd-dos(24173)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24173"
              },
              {
                "name": "102148",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015545",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015545"
            },
            {
              "name": "18615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18615"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
            },
            {
              "name": "20060117 EMC Legato Networker nsrd.exe DoS Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375"
            },
            {
              "name": "ADV-2006-0343",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0343"
            },
            {
              "name": "18495",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18495"
            },
            {
              "name": "1015500",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015500"
            },
            {
              "name": "16275",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16275"
            },
            {
              "name": "ADV-2006-0233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0233"
            },
            {
              "name": "legato-nsrd-dos(24173)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24173"
            },
            {
              "name": "102148",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3659",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015545",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015545"
                },
                {
                  "name": "18615",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18615"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
                },
                {
                  "name": "20060117 EMC Legato Networker nsrd.exe DoS Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375"
                },
                {
                  "name": "ADV-2006-0343",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0343"
                },
                {
                  "name": "18495",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18495"
                },
                {
                  "name": "1015500",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015500"
                },
                {
                  "name": "16275",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16275"
                },
                {
                  "name": "ADV-2006-0233",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0233"
                },
                {
                  "name": "legato-nsrd-dos(24173)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24173"
                },
                {
                  "name": "102148",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
                },
                {
                  "name": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3659",
        "datePublished": "2006-01-18T02:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.442Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3658 (GCVE-0-2005-3658)

    Vulnerability from nvd – Published: 2006-01-18 02:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015545 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/18615 third-party-advisoryx_refsource_SECUNIA
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/0343 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18495 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015500 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/16275 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/0233 vdb-entryx_refsource_VUPEN
    http://sunsolve.sun.com/searchproxy/document.do?a… vendor-advisoryx_refsource_SUNALERT
    ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa8… x_refsource_CONFIRM
    Date Public
    2006-01-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.436Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015545",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015545"
              },
              {
                "name": "18615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18615"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
              },
              {
                "name": "20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373"
              },
              {
                "name": "20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374"
              },
              {
                "name": "legato-nsrd-bo(24175)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24175"
              },
              {
                "name": "ADV-2006-0343",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0343"
              },
              {
                "name": "legato-nsrexecd-bo(24174)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24174"
              },
              {
                "name": "18495",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18495"
              },
              {
                "name": "1015500",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015500"
              },
              {
                "name": "16275",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16275"
              },
              {
                "name": "ADV-2006-0233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0233"
              },
              {
                "name": "102148",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015545",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015545"
            },
            {
              "name": "18615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18615"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
            },
            {
              "name": "20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373"
            },
            {
              "name": "20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374"
            },
            {
              "name": "legato-nsrd-bo(24175)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24175"
            },
            {
              "name": "ADV-2006-0343",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0343"
            },
            {
              "name": "legato-nsrexecd-bo(24174)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24174"
            },
            {
              "name": "18495",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18495"
            },
            {
              "name": "1015500",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015500"
            },
            {
              "name": "16275",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16275"
            },
            {
              "name": "ADV-2006-0233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0233"
            },
            {
              "name": "102148",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3658",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015545",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015545"
                },
                {
                  "name": "18615",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18615"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
                },
                {
                  "name": "20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373"
                },
                {
                  "name": "20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374"
                },
                {
                  "name": "legato-nsrd-bo(24175)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24175"
                },
                {
                  "name": "ADV-2006-0343",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0343"
                },
                {
                  "name": "legato-nsrexecd-bo(24174)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24174"
                },
                {
                  "name": "18495",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18495"
                },
                {
                  "name": "1015500",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015500"
                },
                {
                  "name": "16275",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16275"
                },
                {
                  "name": "ADV-2006-0233",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0233"
                },
                {
                  "name": "102148",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
                },
                {
                  "name": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3658",
        "datePublished": "2006-01-18T02:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0357 (GCVE-0-2005-0357)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/18800 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/606857 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "18800",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18800"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "legato-authunix-bypass-authentication(21887)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
              },
              {
                "name": "VU#606857",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/606857"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "18800",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18800"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "legato-authunix-bypass-authentication(21887)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
            },
            {
              "name": "VU#606857",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/606857"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0357",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "18800",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18800"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "legato-authunix-bypass-authentication(21887)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
                },
                {
                  "name": "VU#606857",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/606857"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0357",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0358 (GCVE-0-2005-0358)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/407641 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.osvdb.org/18801 vdb-entryx_refsource_OSVDB
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#407641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/407641"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "name": "legato-token-gain-privileges(21892)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "18801",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#407641",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/407641"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "name": "legato-token-gain-privileges(21892)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "18801",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0358",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#407641",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/407641"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "legato-token-gain-privileges(21892)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "18801",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0358",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0359 (GCVE-0-2005-0359)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/801089 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.osvdb.org/18802 vdb-entryx_refsource_OSVDB
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#801089",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/801089"
              },
              {
                "name": "legato-portmapper-obtain-information(21893)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
              },
              {
                "name": "18802",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18802"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#801089",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/801089"
            },
            {
              "name": "legato-portmapper-obtain-information(21893)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
            },
            {
              "name": "18802",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18802"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#801089",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/801089"
                },
                {
                  "name": "legato-portmapper-obtain-information(21893)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
                },
                {
                  "name": "18802",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18802"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0359",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-2754 (GCVE-0-2009-2754)

    Vulnerability from cvelistv5 – Published: 2010-03-05 16:00 – Updated: 2024-08-07 05:59
    VLAI
    Summary
    Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-03-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:59:57.150Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "38731",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/38731"
              },
              {
                "name": "20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/509793/100/0/threaded"
              },
              {
                "name": "ADV-2010-0508",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0508"
              },
              {
                "name": "IC55329",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329"
              },
              {
                "name": "IC55330",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-023"
              },
              {
                "name": "ibm-ids-portmap-bo(56586)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56586"
              },
              {
                "name": "ADV-2010-0509",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/0509"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834"
              },
              {
                "name": "38472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/38472"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-03-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "38731",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/38731"
            },
            {
              "name": "20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/509793/100/0/threaded"
            },
            {
              "name": "ADV-2010-0508",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0508"
            },
            {
              "name": "IC55329",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329"
            },
            {
              "name": "IC55330",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-023"
            },
            {
              "name": "ibm-ids-portmap-bo(56586)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56586"
            },
            {
              "name": "ADV-2010-0509",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0509"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834"
            },
            {
              "name": "38472",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/38472"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-2754",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "38731",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/38731"
                },
                {
                  "name": "20100301 ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/509793/100/0/threaded"
                },
                {
                  "name": "ADV-2010-0508",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0508"
                },
                {
                  "name": "IC55329",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55329"
                },
                {
                  "name": "IC55330",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IC55330"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-023",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-023"
                },
                {
                  "name": "ibm-ids-portmap-bo(56586)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56586"
                },
                {
                  "name": "ADV-2010-0509",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/0509"
                },
                {
                  "name": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834",
                  "refsource": "CONFIRM",
                  "url": "http://knowledgebase.emc.com/emcice/login.do?sType=ax1990\u0026sName=1204\u0026id=emc183834"
                },
                {
                  "name": "38472",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/38472"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-2754",
        "datePublished": "2010-03-05T16:00:00.000Z",
        "dateReserved": "2009-08-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:59:57.150Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3618 (GCVE-0-2007-3618)

    Vulnerability from cvelistv5 – Published: 2007-08-21 21:00 – Updated: 2024-08-07 14:21
    VLAI
    Summary
    Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/3043 third-party-advisoryx_refsource_SREASON
    http://www.zerodayinitiative.com/advisories/ZDI-0… x_refsource_MISC
    http://www.vupen.com/english/advisories/2007/2931 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/477172/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/26517 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/25375 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/39744 vdb-entryx_refsource_OSVDB
    http://www.securitytracker.com/id?1018590 vdb-entryx_refsource_SECTRACK
    Date Public
    2007-08-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:21:36.465Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3043",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3043"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html"
              },
              {
                "name": "ADV-2007-2931",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2931"
              },
              {
                "name": "20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/477172/100/0/threaded"
              },
              {
                "name": "26517",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26517"
              },
              {
                "name": "25375",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25375"
              },
              {
                "name": "networker-nsrexecd-bo(36123)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36123"
              },
              {
                "name": "39744",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39744"
              },
              {
                "name": "1018590",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018590"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a \"long invalid subcmd.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3043",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3043"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html"
            },
            {
              "name": "ADV-2007-2931",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2931"
            },
            {
              "name": "20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/477172/100/0/threaded"
            },
            {
              "name": "26517",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26517"
            },
            {
              "name": "25375",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25375"
            },
            {
              "name": "networker-nsrexecd-bo(36123)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36123"
            },
            {
              "name": "39744",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39744"
            },
            {
              "name": "1018590",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018590"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3618",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a \"long invalid subcmd.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3043",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3043"
                },
                {
                  "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html",
                  "refsource": "MISC",
                  "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-049.html"
                },
                {
                  "name": "ADV-2007-2931",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2931"
                },
                {
                  "name": "20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/477172/100/0/threaded"
                },
                {
                  "name": "26517",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26517"
                },
                {
                  "name": "25375",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25375"
                },
                {
                  "name": "networker-nsrexecd-bo(36123)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36123"
                },
                {
                  "name": "39744",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39744"
                },
                {
                  "name": "1018590",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018590"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3618",
        "datePublished": "2007-08-21T21:00:00.000Z",
        "dateReserved": "2007-07-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:21:36.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3659 (GCVE-0-2005-3659)

    Vulnerability from cvelistv5 – Published: 2006-01-18 02:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015545 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/18615 third-party-advisoryx_refsource_SECUNIA
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://www.vupen.com/english/advisories/2006/0343 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/18495 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015500 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/16275 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/0233 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/searchproxy/document.do?a… vendor-advisoryx_refsource_SUNALERT
    ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa8… x_refsource_CONFIRM
    Date Public
    2006-01-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.442Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015545",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015545"
              },
              {
                "name": "18615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18615"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
              },
              {
                "name": "20060117 EMC Legato Networker nsrd.exe DoS Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375"
              },
              {
                "name": "ADV-2006-0343",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0343"
              },
              {
                "name": "18495",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18495"
              },
              {
                "name": "1015500",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015500"
              },
              {
                "name": "16275",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16275"
              },
              {
                "name": "ADV-2006-0233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0233"
              },
              {
                "name": "legato-nsrd-dos(24173)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24173"
              },
              {
                "name": "102148",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015545",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015545"
            },
            {
              "name": "18615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18615"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
            },
            {
              "name": "20060117 EMC Legato Networker nsrd.exe DoS Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375"
            },
            {
              "name": "ADV-2006-0343",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0343"
            },
            {
              "name": "18495",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18495"
            },
            {
              "name": "1015500",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015500"
            },
            {
              "name": "16275",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16275"
            },
            {
              "name": "ADV-2006-0233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0233"
            },
            {
              "name": "legato-nsrd-dos(24173)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24173"
            },
            {
              "name": "102148",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3659",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015545",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015545"
                },
                {
                  "name": "18615",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18615"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
                },
                {
                  "name": "20060117 EMC Legato Networker nsrd.exe DoS Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375"
                },
                {
                  "name": "ADV-2006-0343",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0343"
                },
                {
                  "name": "18495",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18495"
                },
                {
                  "name": "1015500",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015500"
                },
                {
                  "name": "16275",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16275"
                },
                {
                  "name": "ADV-2006-0233",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0233"
                },
                {
                  "name": "legato-nsrd-dos(24173)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24173"
                },
                {
                  "name": "102148",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
                },
                {
                  "name": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3659",
        "datePublished": "2006-01-18T02:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.442Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3658 (GCVE-0-2005-3658)

    Vulnerability from cvelistv5 – Published: 2006-01-18 02:00 – Updated: 2024-08-07 23:17
    VLAI
    Summary
    Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015545 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/18615 third-party-advisoryx_refsource_SECUNIA
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    http://www.idefense.com/intelligence/vulnerabilit… third-party-advisoryx_refsource_IDEFENSE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/0343 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18495 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015500 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/16275 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/0233 vdb-entryx_refsource_VUPEN
    http://sunsolve.sun.com/searchproxy/document.do?a… vendor-advisoryx_refsource_SUNALERT
    ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa8… x_refsource_CONFIRM
    Date Public
    2006-01-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:17:23.436Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015545",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015545"
              },
              {
                "name": "18615",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18615"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
              },
              {
                "name": "20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373"
              },
              {
                "name": "20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374"
              },
              {
                "name": "legato-nsrd-bo(24175)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24175"
              },
              {
                "name": "ADV-2006-0343",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0343"
              },
              {
                "name": "legato-nsrexecd-bo(24174)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24174"
              },
              {
                "name": "18495",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18495"
              },
              {
                "name": "1015500",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015500"
              },
              {
                "name": "16275",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16275"
              },
              {
                "name": "ADV-2006-0233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0233"
              },
              {
                "name": "102148",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015545",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015545"
            },
            {
              "name": "18615",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18615"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
            },
            {
              "name": "20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373"
            },
            {
              "name": "20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374"
            },
            {
              "name": "legato-nsrd-bo(24175)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24175"
            },
            {
              "name": "ADV-2006-0343",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0343"
            },
            {
              "name": "legato-nsrexecd-bo(24174)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24174"
            },
            {
              "name": "18495",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18495"
            },
            {
              "name": "1015500",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015500"
            },
            {
              "name": "16275",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16275"
            },
            {
              "name": "ADV-2006-0233",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0233"
            },
            {
              "name": "102148",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3658",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015545",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015545"
                },
                {
                  "name": "18615",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18615"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/011606_NW.htm"
                },
                {
                  "name": "20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373"
                },
                {
                  "name": "20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374"
                },
                {
                  "name": "legato-nsrd-bo(24175)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24175"
                },
                {
                  "name": "ADV-2006-0343",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0343"
                },
                {
                  "name": "legato-nsrexecd-bo(24174)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24174"
                },
                {
                  "name": "18495",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18495"
                },
                {
                  "name": "1015500",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015500"
                },
                {
                  "name": "16275",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16275"
                },
                {
                  "name": "ADV-2006-0233",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0233"
                },
                {
                  "name": "102148",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1"
                },
                {
                  "name": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT",
                  "refsource": "CONFIRM",
                  "url": "ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3658",
        "datePublished": "2006-01-18T02:00:00.000Z",
        "dateReserved": "2005-11-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:17:23.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0357 (GCVE-0-2005-0357)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/18800 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/606857 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "18800",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18800"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "legato-authunix-bypass-authentication(21887)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
              },
              {
                "name": "VU#606857",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/606857"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "18800",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18800"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "legato-authunix-bypass-authentication(21887)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
            },
            {
              "name": "VU#606857",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/606857"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0357",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "18800",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18800"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "legato-authunix-bypass-authentication(21887)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
                },
                {
                  "name": "VU#606857",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/606857"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0357",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0358 (GCVE-0-2005-0358)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/407641 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.osvdb.org/18801 vdb-entryx_refsource_OSVDB
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#407641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/407641"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "name": "legato-token-gain-privileges(21892)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "18801",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#407641",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/407641"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "name": "legato-token-gain-privileges(21892)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "18801",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0358",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#407641",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/407641"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "legato-token-gain-privileges(21892)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "18801",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0358",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0359 (GCVE-0-2005-0359)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/801089 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.osvdb.org/18802 vdb-entryx_refsource_OSVDB
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#801089",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/801089"
              },
              {
                "name": "legato-portmapper-obtain-information(21893)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
              },
              {
                "name": "18802",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18802"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#801089",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/801089"
            },
            {
              "name": "legato-portmapper-obtain-information(21893)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
            },
            {
              "name": "18802",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18802"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#801089",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/801089"
                },
                {
                  "name": "legato-portmapper-obtain-information(21893)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
                },
                {
                  "name": "18802",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18802"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0359",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }