Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for storedge_enterprise_backup_software by sun

    CVE-2005-0359 (GCVE-0-2005-0359)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/801089 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.osvdb.org/18802 vdb-entryx_refsource_OSVDB
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#801089",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/801089"
              },
              {
                "name": "legato-portmapper-obtain-information(21893)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
              },
              {
                "name": "18802",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18802"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#801089",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/801089"
            },
            {
              "name": "legato-portmapper-obtain-information(21893)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
            },
            {
              "name": "18802",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18802"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#801089",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/801089"
                },
                {
                  "name": "legato-portmapper-obtain-information(21893)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
                },
                {
                  "name": "18802",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18802"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0359",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0358 (GCVE-0-2005-0358)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/407641 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.osvdb.org/18801 vdb-entryx_refsource_OSVDB
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#407641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/407641"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "name": "legato-token-gain-privileges(21892)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "18801",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#407641",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/407641"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "name": "legato-token-gain-privileges(21892)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "18801",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0358",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#407641",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/407641"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "legato-token-gain-privileges(21892)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "18801",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0358",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0357 (GCVE-0-2005-0357)

    Vulnerability from nvd – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/18800 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/606857 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "18800",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18800"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "legato-authunix-bypass-authentication(21887)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
              },
              {
                "name": "VU#606857",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/606857"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "18800",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18800"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "legato-authunix-bypass-authentication(21887)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
            },
            {
              "name": "VU#606857",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/606857"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0357",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "18800",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18800"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "legato-authunix-bypass-authentication(21887)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
                },
                {
                  "name": "VU#606857",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/606857"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0357",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0359 (GCVE-0-2005-0359)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/801089 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.osvdb.org/18802 vdb-entryx_refsource_OSVDB
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#801089",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/801089"
              },
              {
                "name": "legato-portmapper-obtain-information(21893)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
              },
              {
                "name": "18802",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18802"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#801089",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/801089"
            },
            {
              "name": "legato-portmapper-obtain-information(21893)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
            },
            {
              "name": "18802",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18802"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#801089",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/801089"
                },
                {
                  "name": "legato-portmapper-obtain-information(21893)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21893"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm"
                },
                {
                  "name": "18802",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18802"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0359",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0358 (GCVE-0-2005-0358)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/407641 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.osvdb.org/18801 vdb-entryx_refsource_OSVDB
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.382Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#407641",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/407641"
              },
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "name": "legato-token-gain-privileges(21892)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "18801",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18801"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "VU#407641",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/407641"
            },
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "name": "legato-token-gain-privileges(21892)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "18801",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18801"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0358",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#407641",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/407641"
                },
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "legato-token-gain-privileges(21892)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21892"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "18801",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18801"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0358",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.382Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0357 (GCVE-0-2005-0357)

    Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/16470 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/16464 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/18800 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1014713 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/14582 vdb-entryx_refsource_BID
    http://www.legato.com/support/websupport/product_… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/606857 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2005-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16470",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16470"
              },
              {
                "name": "16464",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/16464"
              },
              {
                "name": "18800",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/18800"
              },
              {
                "name": "1014713",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014713"
              },
              {
                "name": "14582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
              },
              {
                "name": "101886",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
              },
              {
                "name": "legato-authunix-bypass-authentication(21887)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
              },
              {
                "name": "VU#606857",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/606857"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "16470",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16470"
            },
            {
              "name": "16464",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/16464"
            },
            {
              "name": "18800",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/18800"
            },
            {
              "name": "1014713",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014713"
            },
            {
              "name": "14582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
            },
            {
              "name": "101886",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
            },
            {
              "name": "legato-authunix-bypass-authentication(21887)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
            },
            {
              "name": "VU#606857",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/606857"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0357",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16470",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16470"
                },
                {
                  "name": "16464",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/16464"
                },
                {
                  "name": "18800",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/18800"
                },
                {
                  "name": "1014713",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014713"
                },
                {
                  "name": "14582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14582"
                },
                {
                  "name": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm"
                },
                {
                  "name": "101886",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1"
                },
                {
                  "name": "legato-authunix-bypass-authentication(21887)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21887"
                },
                {
                  "name": "VU#606857",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/606857"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0357",
        "datePublished": "2005-08-20T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }