Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1421

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-1421
Last Modified 21 Sep 2011 11:30:12
Published 22 Apr 2011 06:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1421

Summary

EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors.

Vulnerable Systems

Application

  • Emc Networker 7.5.2.0

  • Emc Networker 7.5.2.1

  • Emc Networker 7.5.2.2

  • Emc Networker 7.5.2.3

  • Emc Networker 7.5.2.4

  • Emc Networker 7.5.3

  • Emc Networker 7.5.3.1

  • Emc Networker 7.5.3.2

  • Emc Networker 7.5.3.3

  • Emc Networker 7.5.3.4

  • Emc Networker 7.5.3.5

  • Emc Networker 7.5.4

  • Emc Networker 7.5.4.1

  • Emc Networker 7.5.4.2

  • Emc Networker 7.6

  • Emc Networker 7.6.0.2

  • Emc Networker 7.6.0.3

  • Emc Networker 7.6.0.4

  • Emc Networker 7.6.0.5

  • Emc Networker 7.6.0.6

  • Emc Networker 7.6.0.7

  • Emc Networker 7.6.0.8

  • Emc Networker 7.6.0.9

  • Emc Networker 7.6.1

  • Emc Networker 7.6.1.1

  • Emc Networker 7.6.1.2

  • Emc Networker 7.6.1.3

  • Emc Networker 7.6.1.4


References

VUPEN - ADV-2011-1025

BID - 47410

BUGTRAQ - 20110418 ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability

SECTRACK - 1025383

SREASON - 8214

SECUNIA - 44237


Last Updated: 27 May 2016 10:56:18