Lucene search
SAINT CorporationSAINT:2E77C2279B0D20FF6EFB1C2AFE56448AHistoryNov 09, 2007 - 12:00 a.m.
EMC NetWorker Remote Exec service subcmd buffer overflow
2007-11-0900:00:00
SAINT Corporation
www.saintcorporation.com
13
0.86 High
EPSS
Percentile
98.2%
Added: 11/09/2007
CVE: CVE-2007-3618
BID: 25375
OSVDB: 39744
Background
EMC NetWorker is a centralized data backup solution.
Problem
A buffer overflow vulnerability in the Remote Exec service (**nsrexecd.exe**) allows remote attackers to execute arbitrary commands by sending a long, invalid subcmd to a poll or kill request.
Resolution
For fix information see EMC knowledge base article esg83899 which is available from EMC Powerlink.
References
<http://www.zerodayinitiative.com/advisories/ZDI-07-049.html>
Limitations
Exploit works on EMC NetWorker 7.3.2 on Windows 2000, and on Windows Server 2003 with Data Execution Prevention (DEP) enabled.
Platforms
Windows 2000
Windows Server 2003 SP1
Windows Server 2003 SP2 / Windows Server 2003
Related
prion
prion
Stack overflow
2007-08-21 21:17:00
saint
saint
EMC NetWorker Remote Exec service subcmd buffer overflow
2007-11-09 00:00:00
EMC NetWorker Remote Exec service subcmd buffer overflow
2007-11-09 00:00:00
EMC NetWorker Remote Exec service subcmd buffer overflow
2007-11-09 00:00:00
nessus
nessus
EMC Legato Networker Remote Exec Service Stack Overflow RCE
2016-10-20 00:00:00
checkpoint_advisories
checkpoint_advisories
seebug
seebug
EMC Legato Networker nsrexecd.exe服务远程栈溢出漏洞
2007-08-21 00:00:00
securityvulns
securityvulns
ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities
2007-08-21 00:00:00
EMC Legato Networker buffer overflow
2007-08-21 00:00:00
cve
cve
CVE-2007-3618
2007-08-21 21:17:00
zdi
zdi
EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities
2007-08-20 00:00:00