Vulnerability CVE-2008-6219


Published: 2009-02-20   Modified: 2012-02-12

Description:
nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests.

See advisories in our WLB2 database:
Topic
Author
Date
High
EMC NetWorker Denial of Service Vulnerability
noreply-secresea...
23.10.2008
High
EMC NetWorker Denial of Service Vulnerability
Fortinet\'s...
21.02.2009

Type:

CWE-399

(Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
EMC -> Networker client 
EMC -> Networker module 
EMC -> Networker powersnap 
EMC -> Networker server 
EMC -> Networker storage node 

 References:
http://www.fortiguardcenter.com/advisory/FGA-2008-23.html
http://www.securityfocus.com/archive/1/497645/100/0/threaded
http://www.securityfocus.com/archive/1/497666/100/0/threaded
http://www.securityfocus.com/bid/31866
http://www.securitytracker.com/id?1021095
http://www.vupen.com/english/advisories/2008/2894
https://exchange.xforce.ibmcloud.com/vulnerabilities/46035

Copyright 2024, cxsecurity.com

 

Back to Top