Vulnerabilities > EMC > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-02-01 | CVE-2011-0321 | Permissions, Privileges, and Access Controls vulnerability in EMC Networker librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. | 6.4 |
| 2010-06-07 | CVE-2010-1904 | SQL Injection vulnerability in EMC RSA KEY Manager Client 1.5.0 SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote attackers to execute arbitrary SQL commands via the metadata section of encrypted key data. | 6.8 |
| 2009-10-22 | CVE-2009-3744 | Remote Denial of Service vulnerability in EMC Replistor 6.3.1.3 rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144. | 5.0 |
| 2009-04-06 | CVE-2008-4916 | Remote vulnerability in VMware Hosted Products VMSA-2009-0005 Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. | 4.6 |
| 2008-07-24 | CVE-2008-3288 | Cryptographic Issues vulnerability in EMC Dantz Retrospect Backup Server 7.5.508 The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords. | 5.0 |
| 2007-07-30 | CVE-2007-4058 | Path Traversal vulnerability in EMC VMWare 6.0.0 Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method. | 4.3 |
| 2006-05-03 | CVE-2006-2155 | Local Security vulnerability in Retrospect for Windows EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions. | 4.6 |
| 2005-12-31 | CVE-2005-3659 | Resource Management Errors vulnerability in EMC Legato Networker 7.2/7.2.1/7.2Build172 nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference. | 5.0 |
| 2005-08-23 | CVE-2005-0359 | Multiple vulnerability in EMC Legato Networker The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service. | 6.4 |
| 2005-08-16 | CVE-2005-2358 | Directory Traversal And Information Disclosure vulnerability in EMC Navisphere Manager EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot). | 5.0 |