EMC Legato Networker Multiple Vulnerabilities

critical Nessus Plugin ID 19558

Synopsis

Arbitrary code can be executed on the remote host.

Description

The remote host is running one of the following products :

- Legato Networker
- Sun StorEdge Enterprise Backup Software
- Sun Solstice Backup Software
- Informix Storage Manager

The installed version of this software is vulnerable to denial of service, unauthorized access and remote command execution attacks.

Solution

If using Legato Networker, upgrade as necessary to NetWorker 7.1.3 and 7.2 and apply the vendor's patch.

Otherwise, apply the appropriate fix as described in Sun's advisory above.

See Also

http://www.nessus.org/u?f5513702

http://www.nessus.org/u?8c234b0c

Plugin Details

Severity: Critical

ID: 19558

File Name: legato_multiple.nasl

Version: 1.21

Type: remote

Family: Misc.

Published: 9/3/2005

Updated: 7/12/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:emc:legato_networker, cpe:/a:sun:solstice_backup, cpe:/a:sun:storedge_enterprise_backup_software

Required KB Items: LegatoNetworker/installed

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/16/2005

Reference Information

CVE: CVE-2005-0357, CVE-2005-0358, CVE-2005-0359

BID: 14582