CVE-2005-0358
First published: Sat Aug 20 2005(Updated: )
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NetWorker | =6.0 | |
| NetWorker | =7.2 | |
| NetWorker | =4.2.2 | |
| Sun Storedge Enterprise Backup Software | =7.0 | |
| Sun Storedge Enterprise Backup Software | =7.1 | |
| Sun Storedge Enterprise Backup Software | =7.2 | |
| Sun Solstice Backup | =6.1 | |
| NetWorker | =7.13 | |
| Sun Solstice Backup | =6.0 | |
| NetWorker | =6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1
- http://www.kb.cert.org/vuls/id/407641
- http://www.securityfocus.com/bid/14582
- http://www.osvdb.org/18801
- http://securitytracker.com/id?1014713
- http://secunia.com/advisories/16470
- http://secunia.com/advisories/16464
- http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21892
Frequently Asked Questions
What is the severity of CVE-2005-0358?
CVE-2005-0358 is classified as a high severity vulnerability due to the potential for remote attackers to gain privileges.
How do I fix CVE-2005-0358?
To fix CVE-2005-0358, apply available security patches provided by EMC or update to the latest version of the affected software.
Which software is affected by CVE-2005-0358?
CVE-2005-0358 affects EMC Legato NetWorker versions 4.2.2, 6.0, 6.1, and 7.2, as well as Sun Solstice Backup versions 6.0 and 6.1.
What does CVE-2005-0358 exploit?
CVE-2005-0358 exploits the improper verification of authentication tokens, allowing unauthorized remote privilege escalation.
Can I still use the affected versions of software for CVE-2005-0358 safely?
Using affected versions without applying fixes poses a significant security risk and is not recommended.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/references
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/severity
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/emc
- canonical/networker
- version/networker/6.0
- version/networker/7.2
- version/networker/4.2.2
- vendor/sun
- canonical/sun storedge enterprise backup software
- version/sun storedge enterprise backup software/7.0
- version/sun storedge enterprise backup software/7.1
- version/sun storedge enterprise backup software/7.2
- canonical/sun solstice backup
- version/sun solstice backup/6.1
- version/networker/7.13
- version/sun solstice backup/6.0
- version/networker/6.1