EMC Legato NetWorker uses weak AUTH_UNIX authentication, allowing a remote attacker to execute arbitrary commands, gain elevated privileges, or cause a denial of service.
EMC Legato NetWorker is a cross-platform backup and recovery application. It is also repackaged by Sun Microsystems as Solstice Backup and StorEdge Enterprise Backup, by FSC as Fujitsu Siemens Computers' NetWorker, by NEC as WebSAM NetWorker Powered by Legato, and by Fujitsu as NetWorker.
A remote unauthenticated attacker may take any of the following actions:
Apply a patch or upgrade
Thanks to the NOAA NCIRT Lab for reporting this vulnerability.
This document was written by Will Dormann.
|Date First Published:||2005-08-16|
|Date Last Updated:||2005-10-04 18:42 UTC|