Computer Security
[EN] securityvulns.ru no-pyccku


EMC Celerra Network Attached Storage appliance unauthorized access
updated since 16.08.2010
Published:09.09.2010
Source:
SecurityVulns ID:11081
Type:remote
Threat Level:
6/10
Description:Full NFS access from predefined list of IP addresses is enabled by default.
CVE:CVE-2010-2860 (The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests.)
Original documentdocumentEMC, ESA-2010-015: EMC Celerra NFS authentication bypass vulnerability using IP spoofing. (09.09.2010)
 documentTrustwave Advisories, TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra NAS appliance (16.08.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod