Intrusion Prevention

EMC.NetWorker.nsrexecd.exe.RPC.Packet.DoS

Description

This indicates an attack attempt against a Denial of Service vulnerability in EMC NetWorker.
The vulnerability is caused by an error when nsrexecd.exe of EMC NetWorker handles a RPC packet containing malformed RPCSEC_GSS data. It allows a remote attacker to crash vulnerable systems via sending a crafted RPC packet to a vulnerable server.

Affected Products

EMC Networker 7.6.3 SP1 Cumulative Release
EMC Networker 7.6.1
EMC Networker 7.5.4
EMC Networker 7.4.2
EMC Networker 7.6.1.5
EMC Networker 7.6.1.5
EMC Networker 7.6.1.4
EMC Networker 7.6.1.3
EMC Networker 7.6.1.2
EMC Networker 7.6.1.2
EMC Networker 7.6.1.1
EMC Networker 7.6.1.1
EMC Networker 7.6.0.9
EMC Networker 7.6.0.8
EMC Networker 7.6.0.7
EMC Networker 7.6.0.6
EMC Networker 7.6.0.5
EMC Networker 7.6.0.4
EMC Networker 7.6.0.3
EMC Networker 7.6.0.2
EMC Networker 7.6 sp3
EMC Networker 7.6 Sp1
EMC Networker 7.6
EMC Networker 7.5.4.3
EMC Networker 7.5.4.3
EMC Networker 7.5.4.2
EMC Networker 7.5.4.1
EMC Networker 7.5.3.5
EMC Networker 7.5.3.5
EMC Networker 7.5.3.4
EMC Networker 7.5.3.4
EMC Networker 7.5.3.3
EMC Networker 7.5.3.2
EMC Networker 7.5.3.1
EMC Networker 7.5.3
EMC Networker 7.5.2.4
EMC Networker 7.5.2.3
EMC Networker 7.5.2.2
EMC Networker 7.5.2.1
EMC Networker 7.5.2.0
EMC Networker 7.5 SP4
EMC Networker 7.5 SP3
EMC Networker 7.4.5.6
EMC Networker 7.4.5.5
EMC Networker 7.4.5.4
EMC Networker 7.4.5.10
EMC Networker 7.4 Sp5
EMC Networker 7.4 Sp4
EMC Networker 7.4 SP3
EMC Networker 7.4 Sp2
EMC Networker 7.4 Sp1
EMC Networker 7.4
EMC Networker 7.3 SP4 build 565
EMC Networker 7.3

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.