|
|
|
|
| |
"VERITAS NetBackup Enterprise Server delivers high performance data protection that scales to protect the largest UNIX, Windows, Linux and NetWare environments."
"VERITAS NetBackup Server software is a cost-effective heterogeneous backup and recovery solution designed for mid-size organizations, workgroups, and remote offices."
"NetBackup Storage Migrator extends NetBackup with storage management that automatically stores data on the most appropriate media from creation to disposal; improving storage utilization, controlling data growth, and facilitating regulatory compliance."
Lack of proper string filtering allow remote attackers to execute arbitrary code. |
| |
Credit:
The information has been provided by zdi.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-05-001.html
|
| |
Vulnerable Systems:
* VERITAS NetBackup Data and Business Center version 4.5FP
* VERITAS NetBackup Data and Business Center version 4.5MP
* VERITAS NetBackup Enterprise version 5.0
* VERITAS NetBackup Server version 5.0
* VERITAS NetBackup Client version 5.0
* VERITAS NetBackup Enterprise version 5.1
* VERITAS NetBackup Server version 5.1
* VERITAS NetBackup Client version 5.1
* VERITAS NetBackup Enterprise version 6.0
* VERITAS NetBackup Server version 6.0
* VERITAS NetBackup Client version 6.0
This specific flaw exists within the bpjava-msvc daemon due to incorrect handling of format string data passed through the 'COMMAND_LOGON_TO_MSERVER' command. The vulnerable daemon listens on TCP port 13722 and affects both NetBackup clients and servers.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. Authentication is not required to exploit this vulnerability.
Vendor Status:
Symantec Engineers have verified this issue and made security updates available for the supported VERITAS NetBackup products. Symantec strongly recommends all customers immediately apply the latest updates for their supported product versions to protect against these types of threats. Please refer to the Symantec advisory for update information: http://www.symantec.com/avcenter/security/Content/2005.10.12.html
CVE Information:
CAN-2005-2715
Disclosure Timeline:
2005.09.12 Vulnerability reported to vendor
2005.09.15 Digital Vaccine released to TippingPoint customers
2005.10.11 Vulnerability information provided to ZDI security partners
2005.10.12 Coordinated public release of advisory
|
|
|
|
|
|
|
|
|
|
