{"cve": [{"lastseen": "2016-09-03T16:35:34", "references": ["http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html", "http://www.securityfocus.com/bid/55883", "http://www.securitytracker.com/id?1027647"], "edition": 1, "description": "The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel.", "reporter": "NVD", "published": "2012-10-18T13:55:01", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "CVE-2012-2290", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-2290"], "scanner": [], "modified": "2013-04-18T23:21:30", "cpe": ["cpe:/a:emc:networker_module_for_microsoft_applications:2.2.1", "cpe:/a:emc:networker_module_for_microsoft_applications:2.3", "cpe:/a:emc:networker_module_for_microsoft_applications:2.4"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2290", "id": "CVE-2012-2290", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-03T16:35:27", "references": ["http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html", "http://www.securityfocus.com/bid/55883", "http://www.securitytracker.com/id?1027647"], "edition": 1, "description": "The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.", "reporter": "NVD", "published": "2012-10-18T13:55:01", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "CVE-2012-2284", "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-2284"], "scanner": [], "modified": "2013-04-18T23:21:29", "cpe": ["cpe:/a:emc:networker_module_for_microsoft_applications:2.2.1", "cpe:/a:emc:networker_module_for_microsoft_applications:2.3", "cpe:/a:emc:networker_module_for_microsoft_applications:2.4"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2284", "id": "CVE-2012-2284", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2018-09-01T23:39:40", "references": ["http://seclists.org/bugtraq/2012/Oct/67"], "pluginID": "62946", "description": "The version of EMC NetWorker (formerly Legato NetWorker) Module for Microsoft Applications installed on the remote host is 2.2.1, 2.3 prior to 2.3 build 122, or 2.4 prior to 2.4 build 375. As such, it reportedly is affected by multiple vulnerabilities, including arbitrary code execution and an information disclosure vulnerability that could allow an attacker the ability to obtain plaintext credentials.", "edition": 6, "reporter": "Tenable", "published": "2012-11-16T00:00:00", "title": "EMC NetWorker Module for Microsoft Applications 2.2.1 / 2.3.x < 2.3 build 122 / 2.4.x < 2.4 build 375 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2284", "CVE-2012-2290"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/a:emc:networker_module_for_microsoft_applications"], "id": "EMC_NETWORKER_MODULE_2_4_375.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62946", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62946);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/10 14:27:33\");\n\n script_cve_id(\"CVE-2012-2284\", \"CVE-2012-2290\");\n script_bugtraq_id(55883);\n script_xref(name:\"IAVA\", value:\"2012-A-0177\");\n\n script_name(english:\"EMC NetWorker Module for Microsoft Applications 2.2.1 / 2.3.x < 2.3 build 122 / 2.4.x < 2.4 build 375 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of EMC NetWorker Module for Microsoft Applications\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of EMC NetWorker (formerly Legato NetWorker) Module for\nMicrosoft Applications installed on the remote host is 2.2.1, 2.3\nprior to 2.3 build 122, or 2.4 prior to 2.4 build 375. As such, it\nreportedly is affected by multiple vulnerabilities, including\narbitrary code execution and an information disclosure vulnerability\nthat could allow an attacker the ability to obtain plaintext\ncredentials.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/bugtraq/2012/Oct/67\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to EMC NetWorker Module for Microsoft Applications 2.3 build\n122 / 2.4 build 375 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:emc:networker_module_for_microsoft_applications\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"emc_networker_installed.nasl\");\n script_require_keys(\"installed_sw/EMC NetWorker\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = \"EMC NetWorker\";\nmodname = 'Module for Microsoft Applications';\nfullname = appname+\" \"+modname;\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\nver = install[modname+' Version'];\npath = install['path'];\n\n# Module is not installed\nif(empty_or_null(ver)) audit(AUDIT_NOT_INST,fullname);\n\nif (\n ver =~ \"^2\\.2\\.1\\.\" ||\n (ver =~ \"^2\\.3\\.0\\.\" && ver_compare(ver:ver,fix:\"2.3.0.122\",strict:FALSE) < 0) ||\n (ver =~ \"^2\\.4\\.0\\.\" && ver_compare(ver:ver,fix:\"2.4.0.375\",strict:FALSE) < 0)\n)\n{\n port = get_kb_item(\"SMB/transport\");\n if(isnull(port)) port = 445;\n\n if (report_verbosity > 0)\n {\n fix = '2.3.0.122 / 2.4.0.375';\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, fullname, ver, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "references": [], "description": "\r\n\r\n\r\n\r\n\r\n\r\nESA-2012-025.txt\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities.\r\n\r\nEMC Identifier: ESA-2012-025\r\n\r\nCVE Identifier: CVE-2012-2284,CVE-2012-2290\r\n\r\nSeverity Rating: See below for individual severity scores\r\n\r\nEMC Identifier: NW140018,NW142106,NW141316\r\n\r\n\r\nAffected Products:\r\n\r\nEMC NetWorker Module for Microsoft Applications 2.2.1\r\n\r\nEMC NetWorker Module for Microsoft Applications 2.3 prior to build 122\r\n\r\nEMC NetWorker Module for Microsoft Applications 2.4 prior to build 375\r\n\r\n\r\n\r\nVulnerability Summary:\r\n\r\nVulnerabilities exist in EMC NMM that could potentially be exploited by a malicious user to execute arbitrary code. Also, there is a risk that sensitive information could be disclosed under specific circumstances described in the details below.\r\n\r\n\r\nVulnerability Details:\r\n\r\nEMC NetWorker Module for Microsoft Applications Remote Code Execution Vulnerability (CVE-2012-2290)\r\nCVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)\r\n\r\nA vulnerability exists in EMC NMM where the communication channel between the NMM components can remain unprotected in certain circumstances. This may allow a remote unauthenticated user to connect over TCP to a NMM Client and send a specially-crafted message to execute arbitrary code on the affected systems. This impacts all NMM clients including each client within a cluster.\r\n\r\n \r\nEMC NetWorker Module for Microsoft Applications Information Disclosure Vulnerability (CVE-2012-2284)\r\nCVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)\r\n\r\nWhen installing or upgrading EMC NetWorker Module for Microsoft Applications on a Microsoft Exchange Server, sensitive administrator credentials are visible in clear text after completion of the install/upgrade. This will occur regardless of successful or failed installations.\r\n\r\nNOTE: This vulnerability only affects NMM when using Exchange Server. \r\n\r\n\r\nProblem Resolution:\r\n\r\nThe following EMC NMM products contain a resolution for these issues:\r\n\r\nEMC NetWorker Module for Microsoft Applications 2.3 build 122 and later\r\n \r\nEMC NetWorker Module for Microsoft Applications 2.4 build 375 and later \r\n\r\nFor customers using Microsoft Exchange Server who are impacted by the Information Disclosure Vulnerability (CVE-2012-2284), the above fixed builds will not expose sensitive credentials in new installations and subsequent upgrades. For existing Exchange installations, customers must refer to EMC Knowledgebase solution esg130356 for additional mitigation steps. EMC strongly recommends all customers upgrade to above builds on all NMM clients. Link to Remedies: Registered EMC Online Support customers can download software from Online Support. Select Support by Product and type NetWorker Module for Microsoft Applications. From this page, select Downloads, Documentation, or Advisories as required.\r\n\r\nEMC strongly recommends all customers upgrade to above builds on all NMM clients. \r\n\r\n\r\nLink to Remedies:\r\n\r\nRegistered EMC Online Support customers can download software from Online Support. \r\n\r\nSelect Support by Product and type NetWorker Module for Microsoft Applications. \r\n\r\n- From this page, select Downloads, Documentation, or Advisories as required.\r\n\r\n\r\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.\r\n\r\nBecause the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045.\r\n\r\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.\r\n\r\nEMC Product Security Response Center\r\n\r\nSecurity_Alert@EMC.COM\r\n\r\nhttp://www.emc.com/contact-us/contact/product-security-response-center.html \r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (Cygwin)\r\n\r\niEYEARECAAYFAlB1wtwACgkQtjd2rKp+ALwTcwCcCtU5dRETey3yLGqEoriil2Ow\r\njkgAn1TJO3xMf9/471toVAKGdTgYyqK7\r\n=Z/q5\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2012-10-15T00:00:00", "title": "ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:46", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2012-2284", "CVE-2012-2290"], "modified": "2012-10-15T00:00:00", "id": "SECURITYVULNS:DOC:28630", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28630", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
