Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd."
http://secunia.com/advisories/26517
http://securityreason.com/securityalert/3043
http://www.securityfocus.com/archive/1/477172/100/0/threaded
http://www.securityfocus.com/bid/25375
http://www.securitytracker.com/id?1018590
http://www.vupen.com/english/advisories/2007/2931
Source: MITRE
Published: 2007-08-21
Updated: 2018-10-15
Type: NVD-CWE-Other
Base Score: 9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH
OR
cpe:2.3:a:emc:legato_networker:7.0:*:*:*:*:*:*:*
cpe:2.3:a:emc:legato_networker:7.1.3:*:*:*:*:*:*:*
cpe:2.3:a:emc:legato_networker:7.2:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
94163 | EMC Legato Networker Remote Exec Service Stack Overflow RCE | Nessus | Gain a shell remotely | high |
4182 | EMC Legato Networker 'nsrexecd.exe' Overflow | Nessus Network Monitor | Generic | medium |