CVE ID | CVE-2011-0321, CVE-2011-1210 |
CVSS SCORE | 9.0, AV:N/AC:L/Au:N/C:P/I:P/A:C |
AFFECTED VENDORS |
IBM EMC |
AFFECTED PRODUCTS |
Informix NetWorker |
TREND MICRO CUSTOMER PROTECTION | Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['52']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com |
VULNERABILITY DETAILS |
This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The flaw exists within the librpc.dll component which listens by default on UDP port 111. When handling the pmap_set request the process verifies the source address is "127.0.0.1". This communication is via UDP and a valid source address is not required, a udp packet from source address "127.0.0.1" can be created sent to this service allowing a remote attacker to register and unregister RPC services. A remote attack can use this vulnerability to create a denial of service condition or eavesdrop on process communications. |
ADDITIONAL DETAILS |
EMC (Fix posted January 31, 2011): IBM issued patch May 16, 2011: |
DISCLOSURE TIMELINE |
|
CREDIT | Anonymous |