EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
References
Link | Resource |
---|---|
http://secunia.com/advisories/16464 | Patch Vendor Advisory |
http://secunia.com/advisories/16470 | Vendor Advisory |
http://securitytracker.com/id?1014713 | Patch |
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1 | Patch Vendor Advisory |
http://www.kb.cert.org/vuls/id/606857 | Patch Third Party Advisory US Government Resource |
http://www.legato.com/support/websupport/product_alerts/081605_NW_authentication.htm | Patch |
http://www.osvdb.org/18800 | |
http://www.securityfocus.com/bid/14582 | Patch |
https://exchange.xforce.ibmcloud.com/vulnerabilities/21887 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2005-08-20T04:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-02-11T00:00:00
Link: CVE-2005-0357
JSON object: View
NVD Information
Status : Modified
Published: 2005-08-23T04:00:00.000
Modified: 2017-07-11T01:32:15.390
Link: CVE-2005-0357
JSON object: View
Redhat Information
No data.
CWE