'ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.
From:       <Security_Alert () emc ! com>
Date:       2011-01-26 22:03:58
Message-ID: 39391E3CD5D1DB40B781134386E307FF01085E1B () MX23A ! corp ! emc ! com
[Download RAW message or body]

["ESA-2011-003.txt" (text/plain)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.


EMC Identifier: ESA-2011-003

CVE Identifier: CVE-2011-0321


Severity Rating: CVSS v2 Base Score: 8.5 (AV:N/AC:L/Au:N/C:P/I:N/A:C)


Affected products:
EMC NetWorker earlier than 7.5.3.5
EMC NetWorker earlier than 7.6.1.2


Vulnerability Summary:
A vulnerability exists in EMC NetWorker which can be exploited to potentially create \
a denial of service condition or eavesdrop on process communications.


Vulnerability Details:
EMC Networker uses an RPC library to provide a portmapper service within nsrexecd. \
The portmapper restricts access for service commands to the localhost. However, the \
UDP protocol allows malicious users to spoof the source address of the network packet \
making it appear it originated from the localhost. This potentially may allow  a \
remote malicious user to unregister existing NetWorker RPC services or register new \
RPC services.


Problem Resolution:
The following EMC NetWorker products contain resolutions to this issue:


EMC NetWorker version 7.5.3.5
EMC NetWorker version 7.5 SP4 and later
EMC NetWorker version 7.6.1.2 and later


EMC strongly recommends all customers apply the latest patches which contain the \
resolution to this issue, at the earliest opportunity.


Link to remedies:


For 7.5 SP3 and earlier users:
This fix is available  in build 7.5.3.5 and 7.5 SP4.  EMC recommends updating to the \
7.5 SP4 version.  Registered EMC Powerlink customers can download the NetWorker 7.5 \
SP4 software from Powerlink. For NetWorker Software, navigate in Powerlink to Home > \
Support > Software Downloads and Licensing > Downloads J-O > NetWorker.


For 7.6 SP1 and 7.6 users:
The fix is available in 7.6.1.2 and subsequent cumulative build releases.  For \
details on the 7.6.1.x cumulative fix releases including download details, refer to \
the NetWorker 7.6 Cumulative Hotfix Summary document on EMC Powerlink.


Because the view is restricted based on customer agreements, you may not have \
permission to view certain downloads. Should you not see a software download you \
believe you should have access to, follow the instructions in EMC Knowledgebase \
solution emc116045.


For explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. \
EMC recommends that all customers take into account both the base score and any \
relevant temporal and environmental scores, which may impact the potential severity \
associated with particular security vulnerability.


Credits:
EMC would like to thank an anonymous researcher working with TippingPoint's Zero Day \
Initiative (http://www.zerodayinitiative.com) for reporting this issue.


EMC Corporation distributes EMC Security Advisories in order to bring to the \
attention of users of the affected EMC products important security information. EMC \
recommends all users determine the applicability of this information to their \
individual situations and take appropriate action. The information set forth herein \
is provided "as is" without warranty of any kind. EMC disclaims all warranties, \
either express or implied, including the warranties of merchantability, fitness for a \
particular purpose, title and non-infringement. In no event shall EMC or its \
suppliers be liable for any damages whatsoever including direct, indirect, \
incidental, consequential, loss of business profits or special damages, even if EMC \
or its suppliers have been advised of the possibility of such damages. Some states do \
not allow the exclusion or limitation of liability for consequential or incidental \
damages so the foregoing limitation may not apply.


EMC Product Security Response Center
Security_Alert@EMC.com
http://www.emc.com/contact-us/contact/product-security-response-center.htm


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iEYEARECAAYFAk1AmSsACgkQtjd2rKp+ALyxkwCeIB5VSY1U6/1h/yWAluRlERtj
40sAoIHN3TfWLIq+t9wR0WtmYQknZVws
=ddyY
-----END PGP SIGNATURE-----



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic