Vulnerability in Emc Networker

CVE-2011-0321

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or…

EPSS: 0.016 (82.4th percentile) — read the EPSS interpretation.

Affected products

Emc Networker — versions 6.0, 6.1, 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

security_alert@emc.com (x_refsource_CONFIRM)
1025010 (vdb-entry, x_refsource_SECTRACK)
46044 (vdb-entry, x_refsource_BID)
networker-librpc-security-bypass(64997) (vdb-entry, x_refsource_XF)
20110126 ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability. (mailing-list, x_refsource_BUGTRAQ)
70686 (x_refsource_OSVDB, vdb-entry)
43113 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
ADV-2011-0241 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)