SECURITYVULNS:DOC:9523
Aug 18, 2005

[SA16464] Legato NetWorker Multiple Vulnerabilities

TITLE:
Legato NetWorker Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA16464

VERIFY ADVISORY:
http://secunia.com/advisories/16464/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, Exposure of system information, Exposure of
sensitive information, DoS

WHERE:
From local network

SOFTWARE:
Legato NetWorker 6.x
http://secunia.com/product/730/
Legato NetWorker 7.x
http://secunia.com/product/2692/

DESCRIPTION:
Three vulnerabilities have been reported in Legato NetWorker, which
can be exploited by malicious people to cause a DoS (Denial of
Service), gain knowledge of sensitive information, or bypass certain
security restrictions.

1) An error in the AUTH_UNIX authentication for the RPC service can
be exploited to bypass the authentication to the nwadmin, nsradmin,
and nsrports components by providing a fake user name, or to the
recover and nsrexecd components by providing a fake UID.

2) An error in the token-based authentication to the database
services can be exploited to gain administrative privileges without
being listed in the administrator list by sending a specially crafted
token.

3) The portmapper (lgtomapper) allows calls to pmap_set and
pmap_unset, which can be exploited to register and unregister RPC
services, thereby causing a DoS or potentially eavesdropping on
NetWorker process communication.
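
The following detection sketch is an added example, not part of the Secunia advisory or of NetWorker. It relates to items 1 and 3: it parses an ONC RPC call header, shows that the AUTH_UNIX machine name and UID are fields the client fills in itself, and flags pmap_set/pmap_unset calls from non-loopback sources. It assumes lgtomapper uses the standard portmapper program and procedure numbers from RFC 1833; the sample packets and addresses are constructed.

```python
import ipaddress
import struct

PMAP_PROG = 100000                      # portmapper program number (RFC 1833)
PMAP_PROCS = {1: "pmap_set", 2: "pmap_unset"}
AUTH_UNIX = 1                           # credential flavor (RFC 5531)


def parse_rpc_call(payload):
    """Parse an ONC RPC call header from a UDP payload; None if not a call."""
    if len(payload) < 40:
        return None
    _xid, mtype, rpcvers, prog, vers, proc, flavor, clen = struct.unpack(">8I", payload[:32])
    if mtype != 0 or rpcvers != 2 or 32 + clen + 8 > len(payload):
        return None
    call = {"prog": prog, "vers": vers, "proc": proc, "flavor": flavor}
    cred = payload[32:32 + clen]
    if flavor == AUTH_UNIX and clen >= 8:
        # Body: stamp, machinename<255>, uid, gid, gids<16>. All client-supplied.
        name_len = struct.unpack(">I", cred[4:8])[0]
        padded = (name_len + 3) & ~3
        if 16 + padded <= clen:
            call["machine"] = cred[8:8 + name_len].decode("ascii", "replace")
            call["uid"], call["gid"] = struct.unpack(">2I", cred[8 + padded:16 + padded])
    return call


def alert_for(src_ip, payload):
    """Return an alert string for pmap_set/pmap_unset from a non-loopback source."""
    call = parse_rpc_call(payload)
    if call is None or call["prog"] != PMAP_PROG or call["proc"] not in PMAP_PROCS:
        return None
    if ipaddress.ip_address(src_ip).is_loopback:
        return None
    return "%s from %s (claimed uid=%s machine=%s)" % (
        PMAP_PROCS[call["proc"]], src_ip, call.get("uid"), call.get("machine"))


def sample_call(proc, machine=b"host-a", uid=0):
    """Constructed sample: call header only, no procedure arguments."""
    name = machine + b"\0" * (-len(machine) % 4)
    cred = struct.pack(">2I", 0, len(machine)) + name + struct.pack(">3I", uid, 0, 0)
    head = struct.pack(">8I", 1, 0, 2, PMAP_PROG, 2, proc, AUTH_UNIX, len(cred))
    return head + cred + struct.pack(">2I", 0, 0)


if __name__ == "__main__":
    print(alert_for("192.0.2.10", sample_call(1)))   # remote pmap_set: alert
    print(alert_for("127.0.0.1", sample_call(2)))    # local pmap_unset: None
```

The uid and machine values in the alert are reported as claimed because nothing in the AUTH_UNIX credential proves them to the server.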

SOLUTION:
Apply patches LGTpa74792, LGTpa78968, and LGTpa78969 (for versions
7.1.3 and 7.2).
http://www.legato.com/support/websupport/patches_updates/networker_security_hotfix.htm

Fixes will also be included in the next release of Legato NetWorker.

PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.

ORIGINAL ADVISORY:
EMC Corporation:
http://www.legato.com/support/websupport/product_alerts/081605_NW-7x.htm

OTHER REFERENCES:
US-CERT VU#407641:
http://www.kb.cert.org/vuls/id/407641

US-CERT VU#606857:
http://www.kb.cert.org/vuls/id/606857

US-CERT VU#801089:
http://www.kb.cert.org/vuls/id/801089


About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
