Signature Detail

APP: EMC NetWorker nsrindexd.exe Procedure 0x01 Buffer Overflow

This signature detects attempts to exploit a known vulnerability in EMC NetWorker. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

EMC NetWorker is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following EMC NetWorker versions are vulnerable: EMC NetWorker Server 7.5.x EMC NetWorker Server 7.6.x

Affected Products

• EMC Networker 7.5.2.0
• EMC Networker 7.5.2.1
• EMC Networker 7.5.2.2
• EMC Networker 7.5.2.3
• EMC Networker 7.5.2.4
• EMC Networker 7.5.3
• EMC Networker 7.5.3.1
• EMC Networker 7.5.3.2
• EMC Networker 7.5.3.3
• EMC Networker 7.5.3.4
• EMC Networker 7.5.3.4
• EMC Networker 7.5.3.5
• EMC Networker 7.5.3.5
• EMC Networker 7.5.4
• EMC Networker 7.5.4.1
• EMC Networker 7.5.4.2
• EMC Networker 7.5.4.3
• EMC Networker 7.5.4.3
• EMC Networker 7.5 SP3
• EMC Networker 7.5 SP4
• EMC Networker 7.6
• EMC Networker 7.6.0.2
• EMC Networker 7.6.0.3
• EMC Networker 7.6.0.4
• EMC Networker 7.6.0.5
• EMC Networker 7.6.0.6
• EMC Networker 7.6.0.7
• EMC Networker 7.6.0.8
• EMC Networker 7.6.0.9
• EMC Networker 7.6.1
• EMC Networker 7.6.1.1
• EMC Networker 7.6.1.1
• EMC Networker 7.6.1.2
• EMC Networker 7.6.1.2
• EMC Networker 7.6.1.3
• EMC Networker 7.6.1.4
• EMC Networker 7.6.1.5
• EMC Networker 7.6.1.5
• EMC Networker 7.6 Sp1

References

• BugTraq: 51684
• CVE: CVE-2012-0395