The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of NetWorker

cybersecurity vulnerability CVE-2013-3285

EMC NetWorker: password disclosure

Synthesis of the vulnerability

A authenticated attacker can read EMC NetWorker logs, in order to obtain the administrator's password.
Severity: 2/4.
Creation date: 29/10/2013.
Identifiers: BID-63402, CERTA-2013-AVI-612, CVE-2013-3285, ESA-2013-072, NW152441, VIGILANCE-VUL-13663.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The NetWorker Management Console authentication can be configured to use AD/LDAP.

However, in this case, the NMC administrator password is logged in clear text.

A authenticated attacker can therefore read EMC NetWorker logs, in order to obtain the administrator's password.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2013-0943

EMC NetWorker: information disclosure via nsradmin

Synthesis of the vulnerability

An attacker can use the nsradmin utility of EMC NetWorker, in order to obtain sensitive information about the configuration.
Severity: 2/4.
Creation date: 30/07/2013.
Identifiers: BID-61496, CERTA-2013-AVI-447, CVE-2013-0943, ESA-2013-033, NW144712, VIGILANCE-VUL-13180.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use the nsradmin utility of EMC NetWorker, in order to obtain sensitive information about the configuration.
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2013-0940

EMC NetWorker: privilege escalation via nsrpush

Synthesis of the vulnerability

A local attacker can use an unprotected file of nsrpush of EMC NetWorker, in order to escalate his privileges.
Severity: 2/4.
Creation date: 03/05/2013.
Identifiers: BID-59620, CERTA-2013-AVI-289, CVE-2013-0940, ESA-2013-028, NW147983, VIGILANCE-VUL-12751.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The EMC NetWorker product uses the nsrpush service.

However, access permissions to certain files of nsrpush are not secured.

A local attacker can therefore use an unprotected file of nsrpush of EMC NetWorker, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

weakness alert CVE-2012-4607

EMC NetWorker: buffer overflow of nsrindexd

Synthesis of the vulnerability

A remote attacker can trigger a buffer overflow in the RPC nsrindexd service of EMC NetWorker, in order to stop it, or to execute code.
Severity: 3/4.
Creation date: 08/01/2013.
Identifiers: BID-57182, CERTA-2013-AVI-005, CVE-2012-4607, ESA-2013-001, NW145612, NW145894, VIGILANCE-VUL-12307, ZDI-13-019, ZDI-13-020.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A remote attacker can trigger a buffer overflow in the RPC nsrindexd service of EMC NetWorker, in order to stop it, or to execute code.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2012-2284 CVE-2012-2290

EMC NetWorker Module for Microsoft Applications: two vulnerabilities

Synthesis of the vulnerability

An attacker can use two vulnerabilities of EMC NetWorker Module for Microsoft Applications, in order to execute code or to obtain the administrator's password.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 12/10/2012.
Identifiers: BID-55883, CERTA-2012-AVI-571, CVE-2012-2284, CVE-2012-2290, ESA-2012-025, VIGILANCE-VUL-12069.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The EMC NetWorker Module for Microsoft Applications (NMM) product uses the Microsoft Volume Shadow Copy Service technology to process backups. This product is impacted by two vulnerabilities.

An unauthenticated attacker can connect to a NMM client, and send a special message, in order to execute code. [severity:3/4; CVE-2012-2290]

When NMM is installed or updated on a Microsoft Exchange server, the administrator's password is stored in clear text in a file. [severity:2/4; CVE-2012-2284]

An attacker can therefore use two vulnerabilities of EMC NetWorker Module for Microsoft Applications, in order to execute code or to obtain the administrator's password.
Full Vigil@nce bulletin... (Free trial)

threat CVE-2012-2288

EMC NetWorker: format string in nsrd

Synthesis of the vulnerability

A network attacker can send a malicious message to EMC NetWorker, in order to generate a format string attack, leading to code execution.
Severity: 3/4.
Creation date: 31/08/2012.
Identifiers: BID-55330, CERTA-2012-AVI-481, CVE-2012-2288, EIP-2012-0001, ESA-2012-038, VIGILANCE-VUL-11912.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The RPC nsrd service of EMC NetWorker processes save and restore operations.

However, the RPC procedure 0x06 of service 0x5F3DD version 0x02 directly transmits the received parameter to the lg_sprintf() function. An attacker can thus send a format parameter to this procedure, in order to corrupt the memory with "%n".

A network attacker can therefore send a malicious message to EMC NetWorker, in order to generate a format string attack, leading to code execution.
Full Vigil@nce bulletin... (Free trial)

computer weakness CVE-2011-0321

AIX, EMC NetWorker: access to RPC

Synthesis of the vulnerability

A network attacker can spoof UDP packets, in order to alter RPC services of AIX or EMC NetWorker, or to obtain information.
Severity: 2/4.
Creation date: 28/01/2011.
Revision date: 09/05/2012.
Identifiers: BID-46044, CERTA-2011-AVI-048, CERTA-2012-AVI-273, CVE-2011-0321, ESA-2011-003, IV07315, IV08677, IV08787, IV13543, IV14728, IV17941, VIGILANCE-VUL-10313, ZDI-11-168.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The EMC NetWorker product installs librpc.dll, which processes RPC services. The AIX system also provides RPC services. Both implementations are different, but they are impacted by the same vulnerability.

A remote attacker can send UDP packets with the localhost address, in order to access to RPC. He can thus register or unregister RPC services, or obtain information.

A network attacker can therefore spoof UDP packets, in order to alter RPC services of AIX or EMC NetWorker, or to obtain information.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 11447

EMC NetWorker: denial of service of nsrexecd via hash

Synthesis of the vulnerability

An attacker can send malformed RPC data to nsrexecd, in order to stop it.
Severity: 2/4.
Creation date: 15/03/2012.
Identifiers: BID-52506, VIGILANCE-VUL-11447.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The EMC NetWorker server connects to nsrexecd daemons which are installed on clients. This daemon processes RPC queries, and opens a dynamic port which is superior to 8000 in most cases.

A hash is computed on data received on this dynamic port. However, if these data are malformed, the hash computation is done at an invalid memory address, so nsrexecd stops.

An attacker can therefore send malformed RPC data to nsrexecd, in order to stop it.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2012-0395

EMC NetWorker: code execution

Synthesis of the vulnerability

A remote unauthenticated attacker can connect to EMC NetWorker Server, in order to create a buffer overflow, which leads to a denial of service or to code execution.
Severity: 3/4.
Creation date: 27/01/2012.
Revision date: 09/02/2012.
Identifiers: BID-51684, CVE-2012-0395, ESA-2012-005, NW135173, VIGILANCE-VUL-11321, ZDI-12-025.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The EMC NetWorker Server service listens with RPC on port numbers superior to 1024.

The indexd.exe process is associated to the RPC Program 0x0005F3D9. If an attacker sends long data to this program, an overflow occurs.

A remote unauthenticated attacker can therefore connect to EMC NetWorker Server, in order to create a buffer overflow, which leads to a denial of service or to code execution.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert CVE-2011-1421

EMC NetWorker: privilege elevation via Client Push

Synthesis of the vulnerability

A local attacker can use the Client Push feature of EMC NetWorker, in order to elevate his privileges.
Severity: 2/4.
Creation date: 19/04/2011.
Identifiers: BID-47410, CVE-2011-1421, ESA-2011-013, VIGILANCE-VUL-10576.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Client Push feature of EMC NetWorker is used to update the product on network computers.

However, permissions on files/directories used by Client Push are incorrect. Technical details are unknown, but a local attacker could create/alter a file to be executed with administrator's privileges.

A local attacker can therefore use the Client Push feature of EMC NetWorker, in order to elevate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about NetWorker: