Vulnerabilities > EMC > Networker
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-05-03 | CVE-2013-0940 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | 7.2 |
| 2013-01-17 | CVE-2012-4607 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Networker Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data. | 9.3 |
| 2012-09-04 | CVE-2012-2288 | USE of Externally-Controlled Format String vulnerability in EMC Networker 7.6.3/7.6.4/8.0 Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message. | 9.3 |
| 2012-01-27 | CVE-2012-0395 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Networker Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. | 9.3 |
| 2011-04-22 | CVE-2011-1421 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. | 6.9 |
| 2011-02-01 | CVE-2011-0321 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 6.4 |
| 2007-03-02 | CVE-2006-3892 | Remote Authentication Bypass vulnerability in EMC Networker 7.3.2 The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. | 10.0 |
| 2002-03-25 | CVE-2002-0114 | Unspecified vulnerability in EMC Networker 6.1 EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. | 4.6 |
| 2002-03-25 | CVE-2002-0113 | Unspecified vulnerability in EMC Networker 6.1 EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. | 4.6 |
| 2001-11-21 | CVE-2001-0910 | Authentication vulnerability in EMC Networker 6.0 Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup. | 7.5 |