CVE-2005-3658

EMC Legato NetWorker 7.1.x < 7.1.4 and 7.2.x < 7.2.1.Build.314 - Remote Code Execution via Malformed RPC Packets

Title source: llm

Description

Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe).

References (14)

Core 14

Core References

Patch vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015545

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/18615

Various Sources x_refsource_confirm

http://www.legato.com/support/websupport/product_alerts/011606_NW.htm

Patch, Vendor Advisory third-party-advisory x_refsource_idefense

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=373

Patch, Vendor Advisory third-party-advisory x_refsource_idefense

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=374

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/24175

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/0343

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/24174

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/18495

Patch vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015500

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/16275

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/0233

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1

Various Sources x_refsource_confirm

ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT

Scores

EPSS 0.0567

EPSS Percentile 90.5%

Details

CWE

CWE-119

Status published

Products (6)

emc/legato_networker 7.1.1

emc/legato_networker 7.1.2

emc/legato_networker 7.1.3

emc/legato_networker 7.2

emc/legato_networker 7.2.1

emc/legato_networker 7.2_build172

Published Dec 31, 2005

Tracked Since Feb 18, 2026