547 matches found
ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability
ESA-2013-072.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability EMC Identifier: ESA-2013-072 EMC Identifier: NW152441 CVE Identifier: CVE-2013-3285 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products...
CVE-2013-3285
The NetWorker Management Console NMC in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via 1 unspecified NMC audit reports or 2 requests to RAP resources...
Authentication flaw
The NetWorker Management Console NMC in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via 1 unspecified NMC audit reports or 2 requests to RAP resources...
CVE-2013-3285
The CVE-2013-3285 issue affects EMC NetWorker 8.0.x prior to 8.0.2.3, where the NetWorker Management Console (NMC) using Active Directory/LDAP can allow a remote authenticated user to discover cleartext administrator passwords via NMC audit reports or RAP resource requests. The advisory details t...
CVE-2013-3285
The NetWorker Management Console NMC in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Directory/LDAP for authentication, allows remote authenticated users to discover cleartext administrator passwords via 1 unspecified NMC audit reports or 2 requests to RAP resources...
EMC NetWorker 8.x < 8.0.2.3 Management Console Information Disclosure
The version of EMC NetWorker is 8.x earlier than 8.0.2.3. As such, it is potentially affected by an information disclosure vulnerability. When the NetWorker Management Console is configured to use Active Directory/LDAP for authentication, an authenticated user may be able to see the AD/LDAP...
EMC Replication Manager Command Execution Vulnerability
This Metasploit module exploits a remote command-injection vulnerability in EMC Replication Manager client irccd.exe. By sending a specially crafted message invoking RunProgram function an attacker may be able to execute arbitrary code commands with SYSTEM privileges. Affected products are EMC...
EMC Replication Manager Command Execution
This module exploits a remote command-injection vulnerability in EMC Replication Manager client irccd.exe. By sending a specially crafted message invoking RunProgram function an attacker may be able to execute arbitrary commands with SYSTEM privileges. Affected products are EMC Replication Manage...
EMC NetWorker nsrpush Process Local Privilege Escalation
The version of EMC NetWorker is earlier than 7.6.5.3 or 8.x earlier than 8.0.1.4. Such versions are potentially affected by a local privilege escalation vulnerability in the nsrpush process. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69982; scriptversion"1.8";...
CVE-2013-0943
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin...
Design/Logic Flaw
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin...
CVE-2013-0943
EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin...
CVE-2013-0943
CVE-2013-0943 affects EMC NetWorker 7.6.x and 8.x prior to 8.1. A privileged local user can leverage the nsradmin utility under OS privileges to decrypt data and obtain sensitive configuration information, yielding a confidential data disclosure vulnerability. The root cause centers on how nsradm...
KLA10146 OSI vulnerability in EMC NetWorker
An unspecified vulnerability was found in EMC NetWorker. By exploiting this vulnerability malicious users can obtain configuration information. This vulnerability can be exploited locally. Original advisories - Related products EMC-NetWorker CVE list CVE-2013-0943 warning Solution Update to lates...
ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability
ESA-2013-033.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-033: EMC NetWorker Information Disclosure Vulnerability EMC Identifier: ESA-2013-033 EMC Identifier: NW144712 CVE Identifier: CVE-2013-0943 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products...
EMC NetWorker information leakage
It's possible to retrieve sensible configuration information...
ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability
ESA-2013-028.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability EMC Identifier: ESA-2013-028 EMC Identifier: NW147983 CVE Identifier: CVE-2013- 0940 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected product...
EMC Networker privilege escalation
Weak file permissions...
CVE-2013-0940
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
Code injection
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...