EMC NetWorker Incorrect Permissions Let Local Users Gain Elevated Privileges
SecurityTracker Alert ID: 1025383|
SecurityTracker URL: http://securitytracker.com/id/1025383
(Links to External Site)
Date: Apr 18 2011
Execution of arbitrary code via local system, Root access via local system, User access via local system|
Fix Available: Yes Vendor Confirmed: Yes |
Version(s): 7.5.x, 7.6.x|
A vulnerability was reported in EMC NetWorker. A local user can obtain elevated privileges on the target system.|
A local user can exploit a permissions error to execute arbitrary code on the target system with elevated privileges.
Stefan Wuensch of Harvard University reported this vulnerability.
A local user can obtain elevated privileges on the target system.|
The vendor has issued a fix (22.214.171.124, 126.96.36.199).|
Vendor URL: www.emc.com/ (Links to External Site)
Access control error|
|Underlying OS: Linux (Any), UNIX (HP/UX), UNIX (macOS/OS X), UNIX (SGI/IRIX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (Any)|
Source Message Contents
Subject: ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability|
Content-type: text/plain; CHARSET=US-ASCII
Content-type: text/plain; name=ESA-2011-013.txt
Content-disposition: attachment; filename=ESA-2011-013.txt; size=4063;
creation-date="Mon, 18 Apr 2011 10:55:24 GMT";
modification-date="Mon, 18 Apr 2011 10:54:10 GMT"
-----BEGIN PGP SIGNED MESSAGE-----
ESA-2011-013: EMC NetWorker arbitrary code execution with elevated privileges vulnerability.
EMC Identifier: ESA-2011-013
CVE Identifier: CVE-2011-1421
Severity Rating: CVSS v2 Base Score: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C)
EMC SW: EMC NetWorker 7.5.x
EMC SW: EMC NetWorker 7.6.x
EMC NetWorker contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system.
Unspecified file in EMC NetWorker contains incorrect permissions. This can potentially be exploited in certain conditions by an authenticated user to execute malicious code in the context of privileged user on the affected system. The vulnerability only exists for environments that are utilizing client push.
The following EMC NetWorker products contain resolution to this issue:
EMC NetWorker 188.8.131.52 and later cumulative build. For details regarding all fixes included in this build, refer to the NetWorker 7.6 Cumulative Hotfixes document on <A href="http://powerlink.emc.com/">Powerlink</A>. Home > Products > Software E-O > NetWorker > Key Enhancements/Support Notes > NetWorker 7.6.
EMC NetWorker 184.108.40.206 and later cumulative build. For details regarding all fixes included in this build refer to the NetWorker 7.5 Cumulative Hotfixes document on <A href="http://powerlink.emc.com/">Powerlink</A>. Home > Products > Software E-O > NetWorker > Key Enhancements/Support Notes > NetWorker 7.5.
EMC strongly recommends, at the earliest opportunity, all customers apply the patch or upgrade to the latest version of the product which contains the resolution to this issue.
Link to remedies:
Registered EMC Powerlink customers can download software from Powerlink.
For EMC NetWorker Software, navigate in Powerlink to Home > Support > Technical Documentation and Advisories > Software J-O Documentation > NetWorker Family > NetWorker and select the applicable NetWorker version.
Because the view is restricted based on customer agreements, you may not have permission to view certain downloads. Should you not see a software download you believe you should have access to, follow the instructions in EMC Knowledgebase solution emc116045.
Credits: EMC would like to thank Stefan Wuensch of Harvard University for reporting this issue.
For an explanation of Severity Ratings, refer to EMC Knowledgebase solution emc218831. EMC recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
EMC Corporation distributes EMC Security Advisories in order to bring to the attention of users of the affected EMC products important security information. EMC recommends all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall EMC or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
EMC Product Security Response Center
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
-----END PGP SIGNATURE-----