Search...

EMC NetWorker buffer overflow

2015-04-17T00:00:00

ID SECURITYVULNS:VULN:14391
Type securityvulns
Reporter BUGTRAQ
Modified 2015-04-17T00:00:00

Description

nsr_render_log buffer overflow

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:14391", "bulletinFamily": "software", "title": "EMC NetWorker buffer overflow", "description": "nsr_render_log buffer overflow", "published": "2015-04-17T00:00:00", "modified": "2015-04-17T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14391", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:31919"], "cvelist": ["CVE-2015-0530"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:00", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "238cd0da7806c743812ed668e8bf4a80"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "77b3a9d88b20bf6d69f85b3a795b9671"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "dcf23b9ca5d081d47e0b8b5aafc82345"}, {"key": "href", "hash": "1e9cb6da7461736c0863682c23939e6d"}, {"key": "modified", "hash": "e6695a6d07d6d88320479ddf417d77d7"}, {"key": "published", "hash": "e6695a6d07d6d88320479ddf417d77d7"}, {"key": "references", "hash": "ccb2963f202773dfcc41f0c6bca7402b"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "b173729ef9b3c770ef881388209ba728"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "c52df215d49cef827a99bb1eaacbd909196b4df7457b1f353b11b3f01651c772", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-08-31T11:10:00"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "affectedSoftware": [{"name": "NetWorker", "operator": "eq", "version": "8.2"}]}

{"cve": [{"lastseen": "2017-04-18T15:55:53", "references": ["http://www.securitytracker.com/id/1032147", "http://seclists.org/bugtraq/2015/Apr/103"], "edition": 2, "description": "Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.", "reporter": "NVD", "published": "2015-04-16T21:59:24", "title": "CVE-2015-0530", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "cve", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2015-0530"], "scanner": [], "modified": "2017-01-02T21:59:40", "cpe": ["cpe:/a:emc:networker:8.1.1.9", "cpe:/a:emc:networker:8.1.1.4", "cpe:/a:emc:networker:8.2.0.0", "cpe:/a:emc:networker:8.1.1.6", "cpe:/a:emc:networker:8.1.2.4", "cpe:/a:emc:networker:8.1.0.4", "cpe:/a:emc:networker:8.1.0.5", "cpe:/a:emc:networker:8.0.4.3", "cpe:/a:emc:networker:8.2.0.4", "cpe:/a:emc:networker:8.2.1.1", "cpe:/a:emc:networker:8.1.0.0", "cpe:/a:emc:networker:8.1.1.5", "cpe:/a:emc:networker:8.1.1.7", "cpe:/a:emc:networker:8.1.1.0", "cpe:/a:emc:networker:8.1.0.1", "cpe:/a:emc:networker:8.1.1.3", "cpe:/a:emc:networker:8.2.0.6", "cpe:/a:emc:networker:8.1.0.3", "cpe:/a:emc:networker:8.1.1.8", "cpe:/a:emc:networker:8.1.2.5", "cpe:/a:emc:networker:8.2.0.3", "cpe:/a:emc:networker:8.2.0.1", "cpe:/a:emc:networker:8.2.0.5", "cpe:/a:emc:networker:8.1.1.1", "cpe:/a:emc:networker:8.2.0.2", "cpe:/a:emc:networker:8.2.1.0", "cpe:/a:emc:networker:8.1.0.2", "cpe:/a:emc:networker:8.1.2.2", "cpe:/a:emc:networker:8.1.2.3", "cpe:/a:emc:networker:8.1.1.2", "cpe:/a:emc:networker:8.1.2.1", "cpe:/a:emc:networker:8.1.2.0"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0530", "id": "CVE-2015-0530", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:56:33", "references": ["http://seclists.org/bugtraq/2015/Apr/att-103/ESA-2015-069.txt"], "pluginID": "83032", "description": "The EMC NetWorker installed on the remote Windows host is a version prior to 8.0.4.3, or version 8.1.x prior to 8.1.2.6, or 8.2.x prior to 8.2.1.2 . It is, therefore, affected by a buffer overflow flaw in the nsr_render_log command-line interface. A local attacker can exploit this to execute arbitrary code with root privileges on all EMC Networker managed hosts.", "edition": 5, "reporter": "Tenable", "published": "2015-04-23T00:00:00", "title": "EMC NetWorker nsr_render_log Local Privilege Escalation", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0530"], "modified": "2018-07-10T00:00:00", "cpe": ["cpe:/a:emc:networker"], "id": "EMC_NETWORKER_ESA_2015-069.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83032", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83032);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/10 14:27:33\");\n\n script_cve_id(\"CVE-2015-0530\");\n script_bugtraq_id(74164);\n\n script_name(english:\"EMC NetWorker nsr_render_log Local Privilege Escalation\");\n script_summary(english:\"Checks the version of EMC NetWorker.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host has an application installed that is affected\nby a local privilege escalation vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The EMC NetWorker installed on the remote Windows host is a version\nprior to 8.0.4.3, or version 8.1.x prior to 8.1.2.6, or 8.2.x prior to\n8.2.1.2 . It is, therefore, affected by a buffer overflow flaw in the\nnsr_render_log command-line interface. A local attacker can exploit\nthis to execute arbitrary code with root privileges on all EMC\nNetworker managed hosts.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/bugtraq/2015/Apr/att-103/ESA-2015-069.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to EMC NetWorker 8.0.4.3 / 8.1.2.6 / 8.2.1.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:emc:networker\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"emc_networker_installed.nasl\");\n script_require_keys(\"installed_sw/EMC NetWorker\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = \"EMC NetWorker\";\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\nversion = install['version'];\npath = install['path'];\n\nfix = NULL;\nif (ver_compare(ver:version, fix:'8.0.4.3', strict:FALSE) < 0)\n fix = '8.0.4.3';\nelse if (version =~ \"^8\\.1\\.\" && ver_compare(ver:version, fix:'8.1.2.6', strict:FALSE) < 0)\n fix = '8.1.2.6';\nelse if (version =~ \"^8\\.2\\.\" && ver_compare(ver:version, fix:'8.2.1.2', strict:FALSE) < 0)\n fix = '8.2.1.2';\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, 'EMC NetWorker', version, path);\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, extra:report);\n}\nelse security_hole(port);\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability \r\n\r\nEMC Identifier: ESA-2015-069\r\n\r\nCVE Identifier: CVE-2015-0530\r\n\r\nSeverity Rating: CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)\r\n\r\nAffected products: \r\n\r\n\u2022\tAll versions of NetWorker prior to the following:\r\no\tEMC NetWorker 8.0.4.3\r\no\tEMC NetWorker 8.1.2.6\r\no\tEMC NetWorker 8.2.1.2 \r\nSummary: \r\n\r\nEMC NetWorker contains a buffer overflow vulnerability that may potentially be exploited by attackers to launch arbitrary programs on the affected system.\r\n\r\nDetails: \r\n \r\nEMC NetWorker contains a buffer overflow vulnerability due to using an unsafe function in the nsr_render_log command-line interface utility. An attacker could potentially exploit this vulnerability to launch arbitrary programs with root privileges on all EMC NetWorker managed hosts. \r\n\r\nResolution: \r\n\r\nThe following EMC NetWorker releases contain the resolution to this issue:\r\n\r\n\u2022\tEMC NetWorker 8.0.4.3 and later\r\n\u2022\tEMC NetWorker 8.1.2.6 and later\r\n\u2022\tEMC NetWorker 8.2.1.2 and later\r\n\r\nEMC strongly recommends all customers to upgrade to the versions above at the earliest opportunity.\r\n\r\nLink to remedies:\r\n\r\nRegistered EMC Online Support customers can download patches and software from the EMC Online Support website: https://support.emc.com \r\n\r\nCredits: \r\n\r\nEMC would like to thank CERT NRW for reporting this issue. \r\n\r\n\r\n\r\nRead and use the information in this EMC Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact EMC Software Technical Support at 1-877-534-2867.\r\n\r\nFor an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.\r\n\r\nEMC Corporation distributes EMC Security Advisories, in order to bring to the attention of users of the affected EMC products, important security information. EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.\r\n\r\n\r\n\r\nEMC PRODUCT SECURITY RESPONSE CENTER\r\nsecurity_alert@emc.com\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.13 (Cygwin)\r\n\r\niEYEARECAAYFAlUugs8ACgkQtjd2rKp+ALxtsgCfUnacicaUtbeZL35qUDaI3Fn0\r\nn3oAoIt4PryUN9x7YmY6dNJGTabhGc1g\r\n=qh/k\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-04-17T00:00:00", "title": "ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:58", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-0530"], "modified": "2015-04-17T00:00:00", "id": "SECURITYVULNS:DOC:31919", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31919", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}