Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0358

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0358
Last Modified 10 Sep 2008 03:35:24
Published 23 Aug 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0358

Summary

EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.

Vulnerable Systems

Application

  • Emc Legato Networker 4.2.2

  • Emc Legato Networker 6.0

  • Emc Legato Networker 6.1

  • Emc Legato Networker 7.13

  • Emc Legato Networker 7.2

  • Sun Solstice Backup 6.0

  • Sun Solstice Backup 6.1

  • Sun Storedge Enterprise Backup Software 7.0

  • Sun Storedge Enterprise Backup Software 7.1

  • Sun Storedge Enterprise Backup Software 7.2


References

CERT-VN - VU#407641

XF - legato-token-gain-privileges(21892)

BID - 14582

SUNALERT - 101886

SECTRACK - 1014713

SECUNIA - 16464

OSVDB - 18801

CONFIRM - http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm

SECUNIA - 16470


Last Updated: 27 May 2016 10:39:46