 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.802831 |
| Category: | Denial of Service |
| Title: | EMC NetWorker 'nsrexecd' RPC Packet DoS Vulnerability |
| Summary: | EMC NetWorker is prone to a denial of service (DoS); vulnerability. |
| Description: | Summary: EMC NetWorker is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to an error in the NetWorker Remote Exec Service (nsrexecd.exe), which fails to compute hash value when processing malformed RPC packets. Which could be exploited by remote attackers to crash an affected server which listens on some default ports in range 8000 to 9000 used for the RPC programs 390435 and 390436. Vulnerability Impact: Successful exploitation will allow attackers to cause denial of service condition. Affected Software/OS: EMC NetWorker version 7.6 SP3 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |