8.2 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.13 Low
EPSS
Percentile
95.5%
Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT
secunia.com/advisories/18495
secunia.com/advisories/18615
securitytracker.com/id?1015500
securitytracker.com/id?1015545
sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1
www.idefense.com/intelligence/vulnerabilities/display.php?id=373
www.idefense.com/intelligence/vulnerabilities/display.php?id=374
www.legato.com/support/websupport/product_alerts/011606_NW.htm
www.securityfocus.com/bid/16275
www.vupen.com/english/advisories/2006/0233
www.vupen.com/english/advisories/2006/0343
exchange.xforce.ibmcloud.com/vulnerabilities/24174
exchange.xforce.ibmcloud.com/vulnerabilities/24175