Check Point Advisories

Preemptive Protection Against EMC NetWorker librpc.dll Security Check Bypass (CVE-2011-0321)

Check Point Reference: CPAI-2011-113
Date Published: 14 Aug 2011
Severity: High
Last Updated: Tuesday 01 November, 2011
Source:
Industry Reference:CVE-2011-0321
Protection Provided by:
Who is Vulnerable? EMC Legato NetWorker 7.5 prior to 7.5.3.5
EMC Legato NetWorker 7.6 prior to 7.6.1.2
Vulnerability Description A security bypass vulnerability exists in EMC Legato Networker.
Update/Patch AvaliableESA-2011-003
Vulnerability DetailsThe vulnerability is due to insufficient validation of the source address inside UDP packets sent to the service. By spoofing the source address in the UDP request an attacker can start or stop RPC services. Successful exploitation will allow an attacker to eavesdrop on communications or to cause a denial of service condition in the target server.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK