CVE-2008-6219
First published: Fri Feb 20 2009(Updated: )
nsrexecd.exe in multiple EMC Networker products including EMC NetWorker Server, Storage Node, and Client 7.3.x and 7.4, 7.4.1, 7.4.2, Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier, Module for Microsoft Exchange 5.1 and earlier, Module for Microsoft Applications 2.0 and earlier, Module for Meditech 2.0 and earlier, and PowerSnap 2.4 SP1 and earlier does not properly control the allocation of memory, which allows remote attackers to cause a denial of service (memory exhaustion) via multiple crafted RPC requests.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell EMC NetWorker | <=7.3 | |
| Dell EMC NetWorker | <=7.3.2 | |
| Dell EMC NetWorker | =7.4 | |
| Dell EMC NetWorker | =7.4.1 | |
| Dell EMC NetWorker | =7.4.2 | |
| Dell EMC NetWorker | <=2.0 | |
| Dell EMC NetWorker | <=2.0 | |
| Dell EMC NetWorker | <=5.1 | |
| Dell EMC NetWorker | <=2.4 | |
| NetWorker | <=7.3 | |
| NetWorker | =7.4 | |
| NetWorker | =7.4.1 | |
| NetWorker | =7.4.2 | |
| Dell EMC NetWorker | <=7.3 | |
| Dell EMC NetWorker | <=7.3.2 | |
| Dell EMC NetWorker | =7.4 | |
| Dell EMC NetWorker | =7.4.1 | |
| Dell EMC NetWorker | =7.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securitytracker.com/id?1021095
- http://www.fortiguardcenter.com/advisory/FGA-2008-23.html
- http://www.securityfocus.com/bid/31866
- http://secunia.com/advisories/32383
- http://www.vupen.com/english/advisories/2008/2894
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46035
- http://www.securityfocus.com/archive/1/497666/100/0/threaded
- http://www.securityfocus.com/archive/1/497645/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2008-6219?
CVE-2008-6219 has been classified as high severity due to its potential to allow unauthorized access to sensitive data.
Which versions are vulnerable to CVE-2008-6219?
CVE-2008-6219 affects EMC NetWorker products including versions 7.3.x, 7.4, 7.4.1, 7.4.2 of the Server, Client, and Storage Node.
How do I fix CVE-2008-6219?
To remediate CVE-2008-6219, update to a patched version of the EMC NetWorker software as recommended by EMC.
What is the impact of exploiting CVE-2008-6219?
Exploiting CVE-2008-6219 may lead to unauthorized disclosure of information or compromise the integrity of backup operations.
Are there any workarounds for CVE-2008-6219?
Workarounds for CVE-2008-6219 include restricting access to the nsrexecd.exe service and implementing network segmentation.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/emc
- canonical/dell emc networker
- version/dell emc networker/7.3
- version/dell emc networker/7.3.2
- version/dell emc networker/7.4
- version/dell emc networker/7.4.1
- version/dell emc networker/7.4.2
- version/dell emc networker/2.0
- version/dell emc networker/5.1
- version/dell emc networker/2.4
- canonical/networker
- version/networker/7.3
- version/networker/7.4
- version/networker/7.4.1
- version/networker/7.4.2