Vulnerability CVE-2005-0358 - CERT Civis.Net

Vulnerability Name:

CVE-2005-0358 (CCN-21892)

Assigned:

2005-08-16

Published:

2005-08-16

Updated:

2017-07-11

Summary:

EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2005-0358

Source: CCN
Type: SA16464
Legato NetWorker Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
16464

Source: CCN
Type: SA16470
Sun StorEdge Enterprise Backup Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
16470

Source: CCN
Type: SECTRACK ID: 1014713
Legato NetWorker AUTH_UNIX, Database, and Portmapper Authentication Can Be Bypassed By Remote Users

Source: SECTRACK
Type: Patch
1014713

Source: CCN
Type: Sun Alert ID: 101886
Security Vulnerabilities in the Sun StorEdge Enterprise Backup Software

Source: SUNALERT
Type: Patch, Vendor Advisory
101886

Source: CCN
Type: CIAC INFORMATION BULLETIN P-281
Security Vulnerabilities in the Sun StorEdge Enterprise Backup Software

Source: CCN
Type: US-CERT VU#407641
EMC Legato NetWorker database services use insufficient authentication

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#407641

Source: CCN
Type: Legato Technical Product Alert August 16, 2005
Token Authentication and Access to Legato NetWorker Server as Root

Source: CONFIRM
Type: UNKNOWN
http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm

Source: OSVDB
Type: UNKNOWN
18801

Source: CCN
Type: OSVDB ID: 18801
Legato NetWorker Crafted Authentication Token Administrator List Bypass

Source: BID
Type: Patch, Vendor Advisory
14582

Source: CCN
Type: BID-14582
EMC Legato Networker Multiple Vulnerabilities

Source: XF
Type: UNKNOWN
legato-token-gain-privileges(21892)

Source: XF
Type: UNKNOWN
legato-token-gain-privileges(21892)

Vulnerable Configuration:

Configuration 1:

cpe:/a:emc:legato_networker:4.2.2:*:*:*:*:*:*:*

OR cpe:/a:emc:legato_networker:6.0:*:*:*:*:*:*:*

OR cpe:/a:emc:legato_networker:6.1:*:*:*:*:*:*:*

OR cpe:/a:emc:legato_networker:7.2:*:*:*:*:*:*:*

OR cpe:/a:emc:legato_networker:7.13:*:*:*:*:*:*:*

OR cpe:/a:sun:solstice_backup:6.0:*:*:*:*:*:*:*

OR cpe:/a:sun:solstice_backup:6.1:*:*:*:*:*:*:*

OR cpe:/a:sun:storedge_enterprise_backup_software:7.0:*:*:*:*:*:*:*

OR cpe:/a:sun:storedge_enterprise_backup_software:7.1:*:*:*:*:*:*:*

OR cpe:/a:sun:storedge_enterprise_backup_software:7.2:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:emc:legato_networker:*:*:*:*:*:*:*:*

OR cpe:/a:sun:solstice_backup:6.0:*:*:*:*:*:*:*

OR cpe:/a:sun:solstice_backup:6.1:*:*:*:*:*:*:*

OR cpe:/a:sun:storedge_enterprise_backup_software:7.0:*:*:*:*:*:*:*

OR cpe:/a:sun:storedge_enterprise_backup_software:7.1:*:*:*:*:*:*:*

OR cpe:/a:sun:storedge_enterprise_backup_software:7.2:*:*:*:*:*:*:*

AND

cpe:/a:novell:netware_client:4.83:*:*:*:*:*:*:*

Denotes that component is vulnerable