CVE-2005-3659

Name of the Vulnerable Software and Affected Versions EMC Legato NetWorker versions 7.1.x through 7.1.3 EMC Legato NetWorker versions 7.2.x through 7.2.1.Build.313 Sun Solstice Backup (SBU) versions 6.0 through 6.1 StorEdge Enterprise Backup Software (EBS) versions 7.1 through 7.2L

Description The issue allows remote attackers to cause a denial of service, resulting in the nsrd service crash, via a malformed RPC request to RPC program number 390109. This triggers a null dereference.

Recommendations For EMC Legato NetWorker versions 7.1.x through 7.1.3, update to version 7.1.4 or later. For EMC Legato NetWorker versions 7.2.x through 7.2.1.Build.313, update to version 7.2.1.Build.314 or later. For Sun Solstice Backup (SBU) versions 6.0 through 6.1, consider disabling the RPC program number 390109 as a temporary workaround until a patch is available. For StorEdge Enterprise Backup Software (EBS) versions 7.1 through 7.2L, restrict access to the RPC program number 390109 to minimize the risk of exploitation.