Vigil@nce - EMC NetWorker: denial of service via RPC
February 2016 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An unauthenticated attacker can send a malicious RPC message to
EMC NetWorker, in order to trigger a denial of service.
Impacted products: NetWorker.
Severity: 2/4.
Creation date: 03/12/2015.
DESCRIPTION OF THE VULNERABILITY
The EMC NetWorker product offers a RPC service.
However, a malformed RPC message generates a fatal error.
Technical details are unknown.
An unauthenticated attacker can therefore send a malicious RPC
message to EMC NetWorker, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/EMC-NetWorker-denial-of-service-via-RPC-18438