Secunia

Two vulnerabilities have been reported in several EMC NetWorker Products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An error exists in the "nsrexecd.exe" process when allocating memory. This can be exploited exhaust all available memory via specially crafted RPC requests.

The vulnerability affects the following products and versions:
* NetWorker Server, Storage Node and Client 7.3.x, 7.4, 7.4.1, and 7.4.2
* NetWorker Client and Storage Node for Open VMS 7.3.2 ECO6 and earlier
* NetWorker Module for Microsoft Exchange 5.1 and earlier
* NetWorker Module for Microsoft Applications 2.0 and earlier
* NetWorker Module for Meditech 2.0 and earlier
* NetWorker PowerSnap 2.4 SP1 and earlier

2) A signedness error in the RPC library (librpc.dll) can be exploited to cause a stack-based buffer overflow via a specially crafted RPC packet sent to to TCP port 36890.

Successful exploitation of this vulnerability allows execution of arbitrary code.

Please see Powerlink document ESA-08-007 for information on versions affected by this vulnerability.

Solution
Update to a fixed version.
Further details available in Customer Area

Provided and/or discovered by
1) Zhenhua Liu, Xiaopeng Zhang and Junfeng Jia of Fortinet's FortiGuard Global Security Research Team
2) Sebastian Apelt, reported via ZDI

Changelog
Further details available in Customer Area

Original Advisory
Fortinet:
http://www.fortiguardcenter.com/advisory/FGA-2008-23.html

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-10-023/

Deep Links
Links available in Customer Area