APP: EMC NetWorker nsrindexd RPC Service Buffer Overflow

This signature detects attempts to exploit a known vulnerability in EMC NetWorker. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data.

Affected Products

Emc networker

References

CVE: CVE-2012-4607

Short Name
APP:EMC-NSRINDEXD-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2012-4607 EMC NetWorker Overflow RPC Service nsrindexd
Release Date
02/04/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
Port
TCP/7937-65535
False Positive
Unknown
Vendors

Emc

CVSS Score

9.3

Found a potential security threat?