PT-2005-1434 · Sun Microsystems+1 · Storedge Enterprise Backup+2

Published

2005-08-20

Updated

2017-07-11

CVE-2005-0358

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions EMC Legato NetWorker versions 6.0 and 6.1 Solstice Backup versions 6.0 and 6.1 StorEdge Enterprise Backup versions 6.0 through 7.2

Description The issue allows remote attackers to gain privileges by modifying an authentication token due to improper verification of authentication tokens.

Recommendations For EMC Legato NetWorker versions 6.0 and 6.1, update to a version that properly verifies authentication tokens. For Solstice Backup versions 6.0 and 6.1, update to a version that properly verifies authentication tokens. For StorEdge Enterprise Backup versions 6.0 through 7.2, update to a version that properly verifies authentication tokens. As a temporary workaround, consider restricting access to authentication token modification until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0358

Affected Products

Emc Legato Networker

Solstice Backup

Storedge Enterprise Backup

PT-2005-1434 · Sun Microsystems+1 · Storedge Enterprise Backup+2

CVE-2005-0358

Related Identifiers

Affected Products

References · 10