First published: Wed Nov 21 2001(Updated: )
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NetWorker | =6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2001-0910 is classified as a high severity vulnerability due to the potential for unauthorized access to the Networker interface.
To fix CVE-2001-0910, update to a version of Legato Networker that is 6.1 or later, which contains the necessary security patches.
CVE-2001-0910 affects Legato Networker version 6.0 and earlier versions, which are vulnerable to privilege escalation through spoofing.
CVE-2001-0910 exploits the inability to authenticate the admin server name and IP address, allowing attackers to bypass security measures.
Organizations using affected versions of Legato Networker are at risk, particularly those with insufficient network security to prevent IP spoofing.