EMC Software Information for VU#801089

EMC Legato NetWorker portmapper allows remote calls to "pmap_set" and "pmap_unset"

Status

Affected

Vendor Statement

EMC has created - and made available to customers - a software patch
to fix the vulnerability identified in this advisory. The patch is
available for download at
http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm
An integrated resolution to this vulnerability will be
available in the next release of EMC Legato NetWorker, which is
planned to be generally available in Q4 of 2005.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.