Overview
The EMC Legato NetWorker PortMapper allows remote access to pmap_set and pmap_unset. This could allow a remote attacker to cause a denial of service or potentially to eavesdrop on communications between NetWorker programs.
Description
EMC Legato NetWorker is a cross-platform backup and recovery application. It is also repackaged by Sun Microsystems as Solstice Backup and StorEdge Enterprise Backup, by FSC as Fujitsu Siemens Computers' NetWorker, by NEC as WebSAM NetWorker Powered by Legato, and by Fujitsu as NetWorker. Legato PortMapper |
Impact
A remote unauthenticated attacker may be able to create a denial-of-service condition by unregistering NetWorker services. An attacker may be able to eavesdrop on NetWorker process communications by registering a new RPC service. |
Solution
Apply a patch or upgrade |
|
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
- http://www.legato.com/support/websupport/product_alerts/081605_NW-7x.htm
- http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1
- http://www.legato.com/products/networker/
- http://www.legato.com/support/websupport/tech_bulletins/?includefile=388.html#portmapper
- http://secunia.com/advisories/16464/
- http://secunia.com/advisories/16470/
- http://www.securiteam.com/exploits/3E5Q3S0N5K.html
- http://www.tldp.org/HOWTO/NIS-HOWTO/portmapper.html
- http://www.cnn.com/2005/TECH/internet/07/25/hackers.backup.software.reut/index.html
Acknowledgements
Thanks to the NOAA NCIRT Lab for reporting this vulnerability.
This document was written by Will Dormann.
Other Information
CVE IDs: | CVE-2005-0359 |
Severity Metric: | 3.66 |
Date Public: | 2005-08-16 |
Date First Published: | 2005-08-16 |
Date Last Updated: | 2005-09-19 15:11 UTC |
Document Revision: | 29 |