Filtered by vendor Emc
Subscriptions
Total
414 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2001-0910 | 1 Emc | 1 Networker | 2024-08-08 | N/A |
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup. | ||||
CVE-2002-0114 | 1 Emc | 1 Networker | 2024-08-08 | N/A |
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | ||||
CVE-2002-0113 | 1 Emc | 1 Networker | 2024-08-08 | N/A |
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. | ||||
CVE-2005-3659 | 1 Emc | 1 Legato Networker | 2024-08-07 | N/A |
nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference. | ||||
CVE-2005-3658 | 1 Emc | 1 Legato Networker | 2024-08-07 | N/A |
Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe). | ||||
CVE-2005-2358 | 1 Emc | 1 Navisphere Manager | 2024-08-07 | N/A |
EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to list arbitrary directories via an HTTP request for a directory that ends in a "." (trailing dot). | ||||
CVE-2005-2357 | 1 Emc | 1 Navisphere Manager | 2024-08-07 | N/A |
Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
CVE-2005-2185 | 1 Emc | 1 Eroom | 2024-08-07 | N/A |
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks. | ||||
CVE-2005-2184 | 1 Emc | 1 Eroom | 2024-08-07 | N/A |
eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file. | ||||
CVE-2005-0357 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2024-08-07 | N/A |
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID. | ||||
CVE-2005-0359 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2024-08-07 | N/A |
The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service. | ||||
CVE-2005-0358 | 2 Emc, Sun | 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software | 2024-08-07 | N/A |
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token. | ||||
CVE-2006-7199 | 1 Emc | 1 Rsa Security Sitekey | 2024-08-07 | N/A |
EMC RSA Security SiteKey allows remote attackers to display the correct image via a man-in-the-middle (MITM) attack in which an attacker-controlled server proxies authentication data to and from a legitimate SiteKey server. NOTE: the vendor disputes the severity of the issue, stating that it is easier to monitor this attack than "attacks against static web pages." | ||||
CVE-2006-7201 | 1 Emc | 1 Rsa Security Sitekey | 2024-08-07 | N/A |
EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP. | ||||
CVE-2006-7200 | 1 Emc | 1 Rsa Security Sitekey | 2024-08-07 | N/A |
EMC RSA Security SiteKey issues challenge-bypass tokens that persist forever without a cancellation interface for end users, which makes it easier for attackers to bypass one stage of authentication by stealing and replaying a token. | ||||
CVE-2006-3892 | 1 Emc | 1 Networker | 2024-08-07 | N/A |
The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. | ||||
CVE-2006-2391 | 1 Emc | 1 Retrospect Client | 2024-08-07 | N/A |
Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | ||||
CVE-2006-2154 | 1 Emc | 1 Retrospect | 2024-08-07 | N/A |
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog. | ||||
CVE-2006-2155 | 1 Emc | 1 Retrospect | 2024-08-07 | N/A |
EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions. | ||||
CVE-2007-6426 | 1 Emc | 1 Replistor | 2024-08-07 | N/A |
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data. |