EUVD-2010-4046

Malware in sbrugna...

EUVD-2011-0347

Malware in sbrugna...

SUSE CVE-2011-0321

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to 1 register or 2 unregister RPC services, and consequently cause a denial o...

Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability

No description provided by source. Exploit Title: ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability Date: 2010-04-08 Author: ZSploit.com Software Link: N/A Version: N/A Tested on: IBM Informix Dynamic Server 10.0 CVE : CVE-2009-2754 ! /usr/bin/env python...

EMC NetWorker 7.6 sp3 - Denial of Service

EMC NetWorker 7.6 sp3 - Denial of Service Luigi Auriemma Application: EMC NetWorker Legato http://www.emc.com/backup-and-recovery/networker/networker.htm Versions: = 7.6 sp3 7.6.3.2 Build 860 Platforms: AIX, HP-UX, Linux, Solaris, Windows Bug: invalid read access Exploitation: remote Date: 14 Mar...

IBM Informix IDS 'librpc.dll'伪造漏洞

IBM Informix Dynamic Server是一款数据库服务程序。 默认监听UDP 111端口的librpc.dll组件存在缺陷，当处理pmapset请求时，进程会校验源地址是否为"127.0.0.1"。此通信通过UDP，无需合法源地址。创建源地址为"127.0.0.1"的UDP报文给此服务，允许远程攻击者注册或注销RPC服务，远程攻击者可以利用此漏洞进行拒绝服务条件或窃听进程通信。 Bugtraq ID: 47875 CVE ID：CVE-2011-1210 IBM Informix IDS 11.70 IBM Informix IDS 11.50.xC8 IBM...

ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability

ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-168 May 16, 2011 -- CVE ID: CVE-2011-0321 & CVE-2011-1210 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: IBM EMC -- Affected Products: IBM Informix EM...

EMC NetWorker address spoofing

librpc.dll library accepts RPC commands in UDP packets with spoofed IPs...

Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability

This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The flaw exists within the librpc.dll component which listens by default on UDP po...

CVE-2011-1210: IBM Informix Dynamic Server librpc.dll information disclosure

The vulnerability CVE-2011-1210 affects IBM Informix Dynamic Server (librpc.dll) and EMC Legato Networker. It exists in the UDP-based RPC portmapper on UDP/111, where librpc.dll processes pmap_set requests by validating the source address (127.0.0.1). Because UDP allows spoofed addresses, a remot...

Update Protection against Multiple Vendors librpc.dll Stack Buffer Overflow

A buffer overflow vulnerability exists in IBM's Informix Dynamic Server and EMC's Legato Networker. The vulnerability is due to insufficient validation of user input during authentication by the RPC protocol parsing library, librpc.dll, used by the Portmapper service portmap.exe. Successful...

CVE-2011-0321

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to 1 register or 2 unregister RPC services, and consequently cause a denial o...

Design/Logic Flaw

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to 1 register or 2 unregister RPC services, and consequently cause a denial o...

CVE-2011-0321

EMC NetWorker’s librpc.dll (nsrexecd) is vulnerable to a UDP-based spoofing flaw that permits remote attackers to register or unregister RPC services. The affected versions include EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2. The root cause is inadequate mitigat...

ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability. EMC Identifier: ESA-2011-003 CVE Identifier: CVE-2011-0321 Severity Rating: CVSS v2 Base Score: 8.5 AV:N/AC:L/Au:N/C:P/I:N/A:C Affected products: EMC NetWorker earlier than 7.5.3.5 EMC...

CVE-2010-4070

Integer overflow in librpc.dll in portmap.exe aka the ISM Portmapper service in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server IDS 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a...

Integer overflow

Integer overflow in librpc.dll in portmap.exe aka the ISM Portmapper service in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server IDS 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a...

CVE-2010-4070

Integer overflow in librpc.dll in portmap.exe aka the ISM Portmapper service in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server IDS 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a...

CVE-2010-4070

The CVE-2010-4070 issue is an Integer overflow in librpc.dll (portmap.exe) used by the ISM Portmapper service in IBM Informix Dynamic Server (IDS). The overflow occurs via a crafted parameter size and can lead to remote code execution or a denial of service (heap memory corruption). Affected IDS ...

IBM Informix Dynamic Server librpc.dll Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper...