CVE-2005-0359 : The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1,

The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.

Published 2005-08-23 04:00:00

Updated 2025-04-03 01:03:51

Source CERT/CC

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2005-0359

SUN » Solstice Backup » Version: 6.0
cpe:2.3:a:sun:solstice_backup:6.0:*:*:*:*:*:*:*
Matching versions
SUN » Solstice Backup » Version: 6.1
cpe:2.3:a:sun:solstice_backup:6.1:*:*:*:*:*:*:*
Matching versions
SUN » Storedge Enterprise Backup Software » Version: 7.0
cpe:2.3:a:sun:storedge_enterprise_backup_software:7.0:*:*:*:*:*:*:*
Matching versions
SUN » Storedge Enterprise Backup Software » Version: 7.1
cpe:2.3:a:sun:storedge_enterprise_backup_software:7.1:*:*:*:*:*:*:*
Matching versions
SUN » Storedge Enterprise Backup Software » Version: 7.2
cpe:2.3:a:sun:storedge_enterprise_backup_software:7.2:*:*:*:*:*:*:*
Matching versions
EMC » Legato Networker » Version: 4.2.2
cpe:2.3:a:emc:legato_networker:4.2.2:*:*:*:*:*:*:*
Matching versions
EMC » Legato Networker » Version: 7.13
cpe:2.3:a:emc:legato_networker:7.13:*:*:*:*:*:*:*
Matching versions
EMC » Legato Networker » Version: 7.2
cpe:2.3:a:emc:legato_networker:7.2:*:*:*:*:*:*:*
Matching versions
EMC » Legato Networker » Version: 6.0
cpe:2.3:a:emc:legato_networker:6.0:*:*:*:*:*:*:*
Matching versions
EMC » Legato Networker » Version: 6.1
cpe:2.3:a:emc:legato_networker:6.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-0359

EPSS FAQ

10.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 92 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-0359

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:P	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial

References for CVE-2005-0359

http://www.securityfocus.com/bid/14582

Patch

CVEs referencing this url
http://securitytracker.com/id?1014713

Patch

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/21893
http://secunia.com/advisories/16470

Vendor Advisory

CVEs referencing this url
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1

Patch;Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/16464

Patch;Vendor Advisory

CVEs referencing this url
http://www.kb.cert.org/vuls/id/801089

Patch;Third Party Advisory;US Government Resource
http://www.osvdb.org/18802
http://www.legato.com/support/websupport/product_alerts/081605_NW_port_mapper.htm

Patch

Jump to

Vulnerability Details : CVE-2005-0359

Products affected by CVE-2005-0359

Exploit prediction scoring system (EPSS) score for CVE-2005-0359

CVSS scores for CVE-2005-0359

References for CVE-2005-0359