Signature Detail

APP: EMC NetWorker librpc.dll Security Check Bypass

This signature detects attempts to exploit a known security bypass vulnerability against EMC Legato Networker. A successful attack can lead to arbitrary code execution.

Extended Description

EMC NetWorker is prone to a vulnerability that allows attackers to spoof source addresses. An attacker can exploit this issue to spoof a source address, allowing the attacker to perform denial-of-service attacks or eavesdrop on process communications.

Affected Products

• EMC Networker 6.0
• EMC Networker 6.1
• EMC Networker 7.3
• EMC Networker 7.3.2
• EMC Networker 7.3 SP4 Build 565
• EMC Networker 7.4.2
• EMC Networker 7.4 SP3
• EMC Networker 7.5.3.4
• EMC Networker 7.5 SP3
• EMC Networker 7.6.1.1
• IBM Aix 5.3.12
• IBM Aix 6.1.6
• IBM Aix 6.1.7
• IBM Aix 7.1.0
• IBM Aix 7.1.1
• IBM AIX 5.3
• IBM AIX 5.3.0
• IBM AIX 5.3.0.10
• IBM AIX 5.3.0.20
• IBM AIX 5.3.0 L
• IBM AIX 5.3.10
• IBM AIX 5.3.11
• IBM AIX 5.3.12
• IBM AIX 5.3.7
• IBM AIX 5.3.8
• IBM AIX 5.3.9
• IBM AIX 5.3 Ml03
• IBM AIX 5.3 Sp6
• IBM AIX 6.1
• IBM AIX 6.1.0
• IBM AIX 6.1.1
• IBM AIX 6.1.2
• IBM AIX 6.1.3
• IBM AIX 6.1.4
• IBM AIX 6.1.5
• IBM AIX 7.1
• IBM AIX 7.1

References

• BugTraq: 46044
• CVE: CVE-2011-0321