SecurityTracker.com
Category:   Application (Generic)  >   EMC NetWorker
Vendors:   EMC
EMC NetWorker 'nsrexecd.exe' Memory Allocation Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1021095
SecurityTracker URL:  http://securitytracker.com/id/1021095
CVE Reference:   CVE-2008-6219
Updated:  Feb 26 2009
Original Entry Date:  Oct 23 2008
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 7.4 SP3
Description:   A vulnerability was reported in EMC NetWorker. A remote user can cause denial of service conditions.

A remote user can send a series of specially crafted RPC requests to cause the 'nsrexecd.exe' process to allocate excessive memory resources.

The following versions are affected:

NetWorker Server, Storage Node and Client 7.3.x and 7.4, 7.4.1, 7.4.2
NetWorker Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier
NetWorker Module for Microsoft Exchange 5.1 and earlier
NetWorker Module for Microsoft Applications 2.0 and earlier
NetWorker Module for Meditech 2.0 and earlier
NetWorker PowerSnap 2.4 SP1 and earlier

Zhenhua Liu, Xiaopeng Zhang, and Junfeng Jia of Fortinet's FortiGuard Global Security Research Team reported this vulnerability.

Impact:   A remote user can consume excessive memory on the target system.
Solution:   The vendor has issued a fix, available at:

http://powerlink.emc.com/

The following versions contain the fix:

NetWorker Server, Storage Node and Client 7.4 SP3
NetWorker Server, Storage Node and Client 7.3 SP4 build 565
NetWorker Client and Storage Node for Open VMS 7.3.2 ECO7
NetWorker Module for Microsoft Exchange 5.1 SP1
NetWorker Module for Microsoft Applications 2.1
NetWorker Module for Meditech 2.0 SP1
NetWorker PowerSnap 2.4 SP2

Vendor URL:  www.emc.com/
Cause:   Resource error
Underlying OS:  Linux (Any), UNIX (HP/UX), UNIX (macOS/OS X), UNIX (SGI/IRIX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  [Full-disclosure] FGA-2008-23:EMC NetWorker Denial of Service


 
 

