FKIE_CVE-2011-0321

Vulnerability from fkie_nvd - Published: 2011-02-01 18:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.
References
security_alert@emc.comhttp://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html
security_alert@emc.comhttp://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt
security_alert@emc.comhttp://secunia.com/advisories/43113Vendor Advisory
security_alert@emc.comhttp://securitytracker.com/id?1025010
security_alert@emc.comhttp://www.osvdb.org/70686
security_alert@emc.comhttp://www.securityfocus.com/bid/46044
security_alert@emc.comhttp://www.vupen.com/english/advisories/2011/0241Vendor Advisory
security_alert@emc.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/64997
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43113Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1025010
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/70686
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/46044
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0241Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/64997
Impacted products
Vendor Product Version
emc networker *
emc networker 6.0
emc networker 6.1
emc networker 7.0
emc networker 7.2
emc networker 7.3
emc networker 7.4
emc networker 7.4
emc networker 7.4
emc networker 7.4
emc networker 7.4
emc networker 7.4
emc networker 7.5
emc networker 7.5
emc networker 7.5
emc networker 7.5.3.1
emc networker 7.5.3.2
emc networker 7.5.3.3
emc networker 7.5.3.4
emc networker 7.6.0.2
emc networker 7.6.0.3
emc networker 7.6.0.4
emc networker 7.6.0.5
emc networker 7.6.0.6
emc networker 7.6.0.7
emc networker 7.6.0.8
emc networker 7.6.0.9
emc networker 7.6.1.1
To clipboard Create KEV Entry 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:networker:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3A0B08EF-3440-4BE8-93AA-2EB530DA0ABB",
              "versionEndIncluding": "7.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5967C58A-D318-466D-9370-222FE7034B2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE54B84-3CA1-490B-9D0C-A3C3C872D2B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D2271AE-769D-4A3A-8821-22F22B6018C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F59763-C87A-48A4-890D-B17EAEA6EF0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "10954E1B-09A1-4F0A-A2EF-BEDE3B6CE7AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F952DA-3037-4F76-B874-E63F3F280B7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.4:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "A6320CF7-A074-429C-A4C2-7D3F7E19A49F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.4:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "6E8C849D-24D2-495E-997A-789FC9D7D56C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.4:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A65D81EE-FC19-40BE-B9E4-44F2A99D60AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.4:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "B5262837-70E0-4F10-8367-4F85DB17B67B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.4:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "B23031B3-799A-47E0-B6A7-3B3C103ED08F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AF82110-E275-4746-9BCF-C46CE01A5EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "1F7DF3A1-75E4-416B-9346-90629EB85E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5A3FE44D-0C02-41B7-985F-A79B858221AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA7C510-9011-4CAE-A270-F730308BF239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6105BB6A-22C4-4725-848A-281A7BF79725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5FA049-FAE2-498D-BE11-213C55872BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA36CB9-307F-44B8-8CA0-41BDFE2F14FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D87038FD-8115-4024-AB82-EFB0EF5B1C98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "985DDA57-DA2C-4EC7-BD42-F0B5E190DBF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CFD5DF-BCD0-46C6-B18E-60465A6318BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D68C4BE8-A053-46F3-B9F3-DDE3451F30B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2335F8A5-30E3-4452-8FFA-1ED185917313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A22B0B-E8C4-47AB-B276-E8E38BDDE818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FA7C02D-DA10-4B9D-83C9-98BBE81E6166",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "121F391B-295D-4684-A7F4-C91C57033532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:networker:7.6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D8BE130-4CA6-4690-AB01-59A50EB8B997",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands."
    },
    {
      "lang": "es",
      "value": "librpc.dll en nsrexecd de EMC NetWorker en versiones anteriores a 7.5 SP4, 7.5.3.x anteriores a 7.5.3.5, y 7.6.x anteriores a 7.6.1.2 no mitiga apropiadamente la posibilidad de suplantar una direcci\u00f3n IP de fuente localhost, lo que permite a atacantes remotos (1) registrar o (2) desregistrar servicios RPC, y consecuentemente provocar una denegaci\u00f3n de servicio u obtener informaci\u00f3n confidencial de comunicaci\u00f3n entre procesos (\"interprocess communication\") a trav\u00e9s de paquetes UDP modificados que contengan comandos de servicio."
    }
  ],
  "id": "CVE-2011-0321",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-02-01T18:00:03.313",
  "references": [
    {
      "source": "security_alert@emc.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
    },
    {
      "source": "security_alert@emc.com",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43113"
    },
    {
      "source": "security_alert@emc.com",
      "url": "http://securitytracker.com/id?1025010"
    },
    {
      "source": "security_alert@emc.com",
      "url": "http://www.osvdb.org/70686"
    },
    {
      "source": "security_alert@emc.com",
      "url": "http://www.securityfocus.com/bid/46044"
    },
    {
      "source": "security_alert@emc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0241"
    },
    {
      "source": "security_alert@emc.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43113"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/70686"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64997"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.