ID CVE-2007-3618
Summary Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."
References
Vulnerable Configurations
  • cpe:2.3:a:emc:legato_networker:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:emc:legato_networker:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:legato_networker:7.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:emc:legato_networker:7.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:legato_networker:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:emc:legato_networker:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:legato_networker:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:emc:legato_networker:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:emc:legato_networker:7.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:emc:legato_networker:7.3.2:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 15-10-2018 - 21:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 25375
bugtraq 20070820 ZDI-07-049: EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities
misc http://www.zerodayinitiative.com/advisories/ZDI-07-049.html
osvdb 39744
sectrack 1018590
secunia 26517
sreason 3043
vupen ADV-2007-2931
xf networker-nsrexecd-bo(36123)
saint via4
bid 25375
description EMC NetWorker Remote Exec service subcmd buffer overflow
id rpc_legatocategory_remoteexecbo,rpc_legatocategory_version
osvdb 39744
title emc_networker_rexec_subcmd
type remote
Last major update 15-10-2018 - 21:29
Published 21-08-2007 - 21:17
Last modified 15-10-2018 - 21:29
Back to Top