CVE-2005-3659 | Vulnerability Database | Aqua Security

nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference.

Affected Software

Name	Vendor	Start Version	End Version
Legato_networker	Emc	7.2 (including)	7.2 (including)
Legato_networker	Emc	7.2.1 (including)	7.2.1 (including)
Legato_networker	Emc	7.2_build172 (including)	7.2_build172 (including)

References

ftp://ftp.legato.com/pub/NetWorker/Updates/LGTpa83990/README.TXT
http://secunia.com/advisories/18495
http://secunia.com/advisories/18615
http://securitytracker.com/id?1015500
http://securitytracker.com/id?1015545
http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102148-1
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=375
http://www.legato.com/support/websupport/product_alerts/011606_NW.htm
http://www.securityfocus.com/bid/16275
http://www.vupen.com/english/advisories/2006/0233
http://www.vupen.com/english/advisories/2006/0343
https://exchange.xforce.ibmcloud.com/vulnerabilities/24173

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3659
CWE	https://cwe.mitre.org/data/definitions/399.html