|CVE ID||CVE-2011-0321, CVE-2011-1210|
|CVSS SCORE||9.0, (AV:N/AC:L/Au:N/C:P/I:P/A:C)|
|TREND MICRO CUSTOMER PROTECTION||Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 52. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability.
The flaw exists within the librpc.dll component which listens by default on UDP port 111. When handling the pmap_set request the process verifies the source address is "127.0.0.1". This communication is via UDP and a valid source address is not required, a udp packet from source address "127.0.0.1" can be created sent to this service allowing a remote attacker to register and unregister RPC services. A remote attack can use this vulnerability to create a denial of service condition or eavesdrop on process communications.
EMC (Fix posted January 31, 2011):
IBM issued patch May 16, 2011: