QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0321

Published: Feb 1, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

networker-librpc-security-bypass(64997)

vdb-entry

x_refsource_XF

20110126 ESA-2011-003: EMC NetWorker librpc.dll spoofing vulnerability.

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.