Vulnerability Name:

CVE-2005-3658 (CCN-24174)

Assigned:2005-12-31
Published:2005-12-31
Updated:2017-07-11
Summary:Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: CONFIRM
Type: UNKNOWN
ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT

Source: MITRE
Type: CNA
CVE-2005-3658

Source: CCN
Type: SA18495
EMC NetWorker Denial of Service and Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
18495

Source: CCN
Type: SA18615
Sun StorEdge Enterprise Backup / Solstice Backup Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
18615

Source: CCN
Type: SECTRACK ID: 1015500
EMC Legato NetWorker `nsrd.exe` and `nsrexecd.exe` Heap Overflows Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1015500

Source: CCN
Type: SECTRACK ID: 1015545
Sun StorEdge `nsrd.exe` and `nsrexecd.exe` Heap Overflows Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1015545

Source: CCN
Type: Sun Alert ID: 102148
SecurityVulnerabilities in Sun StorEdge Enterprise Backup Software (EBS)

Source: SUNALERT
Type: UNKNOWN
102148

Source: IDEFENSE
Type: Patch, Vendor Advisory
20060117 EMC Legato Networker nsrd.exe Heap Overflow Vulnerability

Source: IDEFENSE
Type: Patch, Vendor Advisory
20060117 EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability

Source: CCN
Type: Legato Web site
Legato Networker - The Backup and Recovery Performance Leader

Source: CCN
Type: EMC Legato - Technical Product Alert - January 16, 2006
EMC NetWorker

Source: CONFIRM
Type: UNKNOWN
http://www.legato.com/support/websupport/product_alerts/011606_NW.htm

Source: BID
Type: Patch
16275

Source: CCN
Type: BID-16275
EMC Legato Networker Multiple Remote Vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0233

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0343

Source: XF
Type: UNKNOWN
legato-nsrexecd-bo(24174)

Source: XF
Type: UNKNOWN
legato-nsrexecd-bo(24174)

Source: XF
Type: UNKNOWN
legato-nsrd-bo(24175)

Source: CCN
Type: iDEFENSE Security Advisory 01.17.06
EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability

Vulnerable Configuration:Configuration 1:
  • cpe:/a:emc:legato_networker:7.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:emc:legato_networker:7.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:emc:legato_networker:7.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:emc:legato_networker:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:emc:legato_networker:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:emc:legato_networker:7.2_build172:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2005-3658 (CCN-24175)

    Assigned:2005-11-18
    Published:2006-01-17
    Updated:2006-01-17
    Summary:EMC Legato NetWorker is vulnerable to a heap-based buffer overflow in the nsrd.exe service. By sending a specially-crafted RPC request to RPC program number 390109, a remote attacker could overflow a buffer and execute arbitrary code on the system.

    Note: This vulnerability also affects Sun StorEdge Enterprise Backup Software (EBS).
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2005-3658

    Source: CCN
    Type: SA18495
    EMC NetWorker Denial of Service and Buffer Overflow Vulnerabilities

    Source: CCN
    Type: SA18615
    Sun StorEdge Enterprise Backup / Solstice Backup Vulnerabilities

    Source: CCN
    Type: SECTRACK ID: 1015500
    EMC Legato NetWorker `nsrd.exe` and `nsrexecd.exe` Heap Overflows Let Remote Users Execute Arbitrary Code

    Source: CCN
    Type: SECTRACK ID: 1015545
    Sun StorEdge `nsrd.exe` and `nsrexecd.exe` Heap Overflows Let Remote Users Execute Arbitrary Code

    Source: CCN
    Type: Sun Alert ID: 102148
    SecurityVulnerabilities in Sun StorEdge Enterprise Backup Software (EBS)

    Source: CCN
    Type: Legato Web site
    Legato Networker - The Backup and Recovery Performance Leader

    Source: CCN
    Type: EMC Legato - Technical Product Alert - January 16, 2006
    EMC NetWorker

    Source: CCN
    Type: BID-16275
    EMC Legato Networker Multiple Remote Vulnerabilities

    Source: XF
    Type: UNKNOWN
    legato-nsrd-bo(24175)

    Source: CCN
    Type: iDEFENSE Security Advisory 01.17.06
    EMC Legato Networker nsrd.exe Heap Overflow Vulnerability

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:emc:legato_networker:7.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:emc:legato_networker:7.3.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:sun:solstice_backup:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:sun:solstice_backup:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:sun:storedge_enterprise_backup_software:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:sun:storedge_enterprise_backup_software:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:sun:storedge_enterprise_backup_software:7.2:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    emc legato networker 7.1.1
    emc legato networker 7.1.2
    emc legato networker 7.1.3
    emc legato networker 7.2
    emc legato networker 7.2.1
    emc legato networker 7.2_build172
    emc legato networker 7.2.1
    emc legato networker 7.3.2
    sun solstice backup 6.0
    sun solstice backup 6.1
    sun storedge enterprise backup software 7.0
    sun storedge enterprise backup software 7.1
    sun storedge enterprise backup software 7.2