EMC NetWorker Management Console Remote Authentication Bypass Vulnerability
BID:22789
Info
EMC NetWorker Management Console Remote Authentication Bypass Vulnerability
| Bugtraq ID: | 22789 |
| Class: | Access Validation Error |
| CVE: |
CVE-2006-3892 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 02 2007 12:00AM |
| Updated: | Mar 02 2007 07:15PM |
| Credit: | The National Oceanic and Atmospheric Administration (NOAA) Computer Incident Response Team (N-CIRT) Lab discovered this vulnerability. |
| Vulnerable: |
EMC Legato Networker 7.3.2 |
| Not Vulnerable: | |
Discussion
EMC NetWorker Management Console Remote Authentication Bypass Vulnerability
The EMC NetWorker Management Console is prone to a vulnerability that allows remote attackers to bypass authentication.
Successfully exploiting this issue allows remote attackers to gain remote administrative access to vulnerable computers.
The EMC NetWorker Management Console is prone to a vulnerability that allows remote attackers to bypass authentication.
Successfully exploiting this issue allows remote attackers to gain remote administrative access to vulnerable computers.
Exploit / POC
EMC NetWorker Management Console Remote Authentication Bypass Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
EMC NetWorker Management Console Remote Authentication Bypass Vulnerability
Solution:
EMC has released patches to address this issue. Please see the references for more information.
EMC Legato Networker 7.3.2
Solution:
EMC has released patches to address this issue. Please see the references for more information.
EMC Legato Networker 7.3.2
-
EMC NetWorker 7.3.2 732JumboUpdate1
ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1
References
EMC NetWorker Management Console Remote Authentication Bypass Vulnerability
References:
References: