| Facing some Vulnerabilities [message #382614] |
Fri, 23 January 2009 04:08  |
manoj12
Messages: 210
Registered: March 2008
Location: India
|
Senior Member |
|
|
Dear Sir
I am facing some vulnerabilities in the server.Request you to look and help me to resolve the issues
| Quote: |
1 The remote host is running one of the following product : - Legato Networker - Sun StorEdge Enterprise Backup Software - Sun Solstice Backup Software The remote version of this software is vulnerable to denial of service, unauthorized access and remote command execution vulnerabilities
2. The account 'root' on the remote host has the password 'root. An attacker may leverage this issue to gain total control of the affected system.
3.An attacker may exploit this flaw to execute arbitrary code on the remote host with the privileges of the httpd process.
4. It is used by diskless clients to get the necessary information needed to boot properly. If an attacker uses the BOOTPARAMPROC_WHOAMI and provides the correct address of the client, then he will get its NIS domain back from the server. Once the attacker discovers the NIS domain name, it may easily get your NIS password file.
|
Need your help to resolve the above issue
Regards
[Updated on: Fri, 23 January 2009 04:53] by Moderator Report message to a moderator |
|
|
|
| Re: Facing some Vulnerabilities [message #382629 is a reply to message #382614] |
Fri, 23 January 2009 04:56  |
 |
Michel Cadot
Messages: 68718
Registered: March 2007
Location: Saint-Maur, France, https...
|
Senior Member
Account Moderator |
|
|
Don't use code tags for something that is not code or result array or does not need to keep formatting.
This question bears no connection with Oracle.
Please find a more appropriate forum.
The topic is locked.
Regards
Michel
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
