ID CVE-2005-0358
Summary EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
References
Vulnerable Configurations
  • cpe:2.3:a:emc:legato_networker:4.2.2
    cpe:2.3:a:emc:legato_networker:4.2.2
  • EMC Corporation Legato NetWorker 6.0
    cpe:2.3:a:emc:legato_networker:6.0
  • EMC Corporation Legato NetWorker 6.1
    cpe:2.3:a:emc:legato_networker:6.1
  • EMC Corporation Legato NetWorker 7.13
    cpe:2.3:a:emc:legato_networker:7.13
  • EMC Corporation Legato NetWorker 7.2
    cpe:2.3:a:emc:legato_networker:7.2
  • Sun Solstice Backup 6.0
    cpe:2.3:a:sun:solstice_backup:6.0
  • cpe:2.3:a:sun:solstice_backup:6.1
    cpe:2.3:a:sun:solstice_backup:6.1
  • Sun StorEdge Enterprise Backup Software 7.0
    cpe:2.3:a:sun:storedge_enterprise_backup_software:7.0
  • Sun StorEdge Enterprise Backup Software 7.1
    cpe:2.3:a:sun:storedge_enterprise_backup_software:7.1
  • Sun StorEdge Enterprise Backup Software 7.2
    cpe:2.3:a:sun:storedge_enterprise_backup_software:7.2
CVSS
Base: 7.5 (as of 23-08-2005 - 09:55)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS7_119670.NASL
    description Sun StorEdge EBS 7.1: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 23265
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23265
    title Solaris 7 (sparc) : 119670-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_119670.NASL
    description Sun StorEdge EBS 7.1: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 23417
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23417
    title Solaris 8 (sparc) : 119670-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_120649.NASL
    description Sun StorEdge EBS 7.1L: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 36504
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36504
    title Solaris 9 (sparc) : 120649-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS7_X86_119671.NASL
    description Sun StorEdge EBS 7.1_x86: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 38067
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38067
    title Solaris 7 (x86) : 119671-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_120649.NASL
    description Sun StorEdge EBS 7.1L: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 37733
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37733
    title Solaris 8 (sparc) : 120649-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_119671.NASL
    description Sun StorEdge EBS 7.1_x86: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 36841
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36841
    title Solaris 9 (x86) : 119671-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_119670.NASL
    description Sun StorEdge EBS 7.1: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-02
    modified 2014-08-30
    plugin id 23555
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23555
    title Solaris 9 (sparc) : 119670-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS7_120649.NASL
    description Sun StorEdge EBS 7.1L: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 37992
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37992
    title Solaris 7 (sparc) : 120649-01
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS8_X86_119671.NASL
    description Sun StorEdge EBS 7.1_x86: Product Patch. Date this patch was last updated by Sun : Aug/16/05
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 37670
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37670
    title Solaris 8 (x86) : 119671-01
  • NASL family Misc.
    NASL id LEGATO_MULTIPLE.NASL
    description The remote host is running one of the following products : - Legato Networker - Sun StorEdge Enterprise Backup Software - Sun Solstice Backup Software - Informix Storage Manager The installed version of this software is vulnerable to denial of service, unauthorized access and remote command execution attacks.
    last seen 2019-01-16
    modified 2018-07-12
    plugin id 19558
    published 2005-09-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19558
    title EMC Legato Networker Multiple Vulnerabilities
refmap via4
bid 14582
cert-vn VU#407641
confirm http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm
osvdb 18801
sectrack 1014713
secunia
  • 16464
  • 16470
sunalert 101886
xf legato-token-gain-privileges(21892)
Last major update 10-09-2008 - 15:35
Published 23-08-2005 - 00:00
Last modified 10-07-2017 - 21:32
Back to Top