CVE-2005-0358

EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.

Published: Aug 23, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-0358
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
emc / legato_networker	6.0	6.0.x
emc / legato_networker	7.2	7.2.x
emc / legato_networker	4.2.2	4.2.2.x
sun / storedge_enterprise_backup_software	7.0	7.0.x
sun / storedge_enterprise_backup_software	7.1	7.1.x
sun / storedge_enterprise_backup_software	7.2	7.2.x
sun / solstice_backup	6.1	6.1.x
emc / legato_networker	7.13	7.13.x
sun / solstice_backup	6.0	6.0.x
emc / legato_networker	6.1	6.1.x

http://secunia.com/advisories/16464
http://secunia.com/advisories/16470
http://securitytracker.com/id?1014713
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101886-1
http://www.kb.cert.org/vuls/id/407641
http://www.legato.com/support/websupport/product_alerts/081605_NW_token_authentication.htm
http://www.osvdb.org/18801
http://www.securityfocus.com/bid/14582
https://exchange.xforce.ibmcloud.com/vulnerabilities/21892

Vulnerability Database

289,871

CVE-2005-0358