Legato NetWorker lgtomapper Unauthorized RPC Service Unregister DoS

2005-08-16T05:59:09
ID OSVDB:18802
Type osvdb
Reporter OSVDB
Modified 2005-08-16T05:59:09

Description

Vulnerability Description

Legato NetWorker contains a flaw that may allow a remote denial of service or an unauthorized information disclosure. The issue occurs because the lgtomapper RPC port mapper allows remote calls to the "pmap_set" and "pmap_unset" functions. A remote attacker could unregister NetWorker RPC services, resulting in loss of availability for the service, or possibly register a new service, which might allow eavesdropping on NetWorker process communications.
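For monitoring unpatched hosts, the following added example (not part of the original advisory or any vendor code) decodes an ONC RPC call captured on TCP port 7938 and flags "pmap_set" or "pmap_unset" requests that come from a non-loopback source. It assumes lgtomapper speaks the standard portmap protocol (program 100000, RFC 1833) and that each call arrives as a single record-marked fragment; the function names, sample addresses and target program number are constructed for illustration.

```python
import ipaddress
import struct

# Assumption: lgtomapper uses the standard portmap protocol on TCP 7938.
PMAP_PROG = 100000                       # ONC RPC portmapper program (RFC 1833)
MUTATING = {1: "pmap_set", 2: "pmap_unset"}

def parse_pmap_call(payload: bytes):
    """Decode one single-fragment, record-marked RPC call; None if not set/unset."""
    if len(payload) < 4:
        return None
    (mark,) = struct.unpack(">I", payload[:4])
    body = payload[4:4 + (mark & 0x7FFFFFFF)]   # low 31 bits = fragment length
    if len(body) < 32:
        return None
    _xid, mtype, rpcvers, prog, _vers, proc, _cflavor, clen = struct.unpack(">8I", body[:32])
    if mtype != 0 or rpcvers != 2 or prog != PMAP_PROG or proc not in MUTATING:
        return None
    off = 32 + ((clen + 3) & ~3)                # skip credential body (XDR pads to 4)
    if len(body) < off + 8:
        return None
    _vflavor, vlen = struct.unpack(">2I", body[off:off + 8])
    off += 8 + ((vlen + 3) & ~3)                # skip verifier body
    if len(body) < off + 16:
        return None
    tprog, tvers, tprot, tport = struct.unpack(">4I", body[off:off + 16])
    return {"proc": MUTATING[proc], "program": tprog, "version": tvers,
            "proto": tprot, "port": tport}

def flag_remote_registration(src_ip: str, payload: bytes):
    """Return an alert string for a set/unset call from a non-loopback source."""
    call = parse_pmap_call(payload)
    if call is None or ipaddress.ip_address(src_ip).is_loopback:
        return None
    return (f"ALERT {src_ip} {call['proc']} "
            f"program={call['program']} version={call['version']}")

def sample_call(proc: int, target_prog: int = 0x20000001) -> bytes:
    """Constructed test input: AUTH_NONE call; target_prog is a placeholder."""
    body = struct.pack(">10I", 0x1234, 0, 2, PMAP_PROG, 2, proc, 0, 0, 0, 0)
    body += struct.pack(">4I", target_prog, 1, 0, 0)
    return struct.pack(">I", 0x80000000 | len(body)) + body

if __name__ == "__main__":
    for src, proc in [("192.0.2.10", 2), ("127.0.0.1", 2), ("192.0.2.10", 4)]:
        print(src, proc, flag_remote_registration(src, sample_call(proc)))
```

Read-only portmap procedures such as a dump request are ignored, so the alert fires only on calls that change the service registry.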

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, EMC and Sun have released patches to address this vulnerability.

References:

Vendor Specific Advisory URL
Vendor Specific Advisory URL
Security Tracker: 1014713
Secunia Advisory ID: 16464
Secunia Advisory ID: 16470
Related OSVDB ID: 18800
Related OSVDB ID: 18801
Other Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1
Keyword: TCP port 7938
ISS X-Force ID: 21893
Generic Informational URL: http://www.cnn.com/2005/TECH/internet/07/25/hackers.backup.software.reut/index.html
CVE-2005-0359
CERT VU: 801089
Bugtraq ID: 14582