| VID |
23148 |
| Severity |
40 |
| Port |
13701 |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The VERITAS NetBackup Volume Manager Daemon is vulnerable to a buffer overflow vulnerability. VERITAS NetBackup is a backup and recovery software solution. NetBackup versions 5.0 and 5.1 are vulnerable to a remote buffer overflow vulnerability in the Volume Manager Daemon (VMD). A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted packet to a vulnerable NetBackup installation. Successful exploitation could allow the attacker to execute arbitrary code with root or SYSTEM privileges.
* References:
http://seer.support.veritas.com/docs/279553.htm
http://seer.support.veritas.com/docs/280097.htm
http://www.kb.cert.org/vuls/id/574662
http://secunia.com/advisories/17503/
* Platforms Affected:
Veritas Software, VERITAS NetBackup 5.0 Any version
Veritas Software, VERITAS NetBackup 5.1 Any version
Any operating system Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Symantec Security Advisory SYM05-024 at http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08b.html |
| Related URL |
CVE-2005-3116 (CVE) |
| Related URL |
15253 (SecurityFocus) |
| Related URL |
22985 (ISS) |
|
