The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Networker_module_for_microsoft_applications | Emc | 2.2.1 (including) | 2.2.1 (including) |
| Networker_module_for_microsoft_applications | Emc | 2.3 (including) | 2.3 (including) |
| Networker_module_for_microsoft_applications | Emc | 2.4 (including) | 2.4 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html
- http://osvdb.org/86157
- http://secunia.com/advisories/50957
- http://www.securityfocus.com/bid/55883
- http://www.securitytracker.com/id?1027647
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html
- http://osvdb.org/86157
- http://secunia.com/advisories/50957
- http://www.securityfocus.com/bid/55883
- http://www.securitytracker.com/id?1027647