EMC Legato Networker Remote Exec Service Stack Overflow RCE
High Nessus Plugin ID 94163
SynopsisA backup application running on the remote host is affected by a remote code execution vulnerability.
DescriptionThe EMC Legato Networker application running on the remote host is affected by a stack overflow condition in the Networker Remote Exec Service (nsrexecd.exe), specifically within the sprintf() function, when handling poll or kill requests. An unauthenticated, remote attacker can exploit this, via a crafted request using a long invalid subcmd, to execute arbitrary code.
SolutionContact the vendor for an update as referenced in knowledge base article esg83899.