Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Legato NetWorker明文日志文件漏洞
Vulnerability Description
Legato NetWorker是一个服务器软件包,用来在异种网络之间共享数据、媒体并进行备份。Legato NetWorker可运行一些UNIX变种和Windows NT/2000平台。 Legato NetWorker存在设计问题,可以使本地攻击者访问到一些敏感信息,比如用户名和口令。 在Legato NetWorker软件中,一些敏感信息如用户名和口令被放在明文的日志里。默认情况下,日志文件创建时是全局可读的。本地攻击者可以通过查看日志来获得这些信息以取得对网络上其他主机的访问,并有可能提升自己的权
CVSS Information
N/A
Vulnerability Type
N/A