VID | 23150 |
Severity | 40 |
Port | 6106 |
Protocol | TCP |
Class | Daemon |
Detailed Description |
The VERITAS Backup Exec Agent is affected by an unauthenticated registry access vulnerability. VERITAS Backup Exec is a data backup and recovery solution that supports backup over the network. Backup Exec for Windows Servers versions 9.0 through 10.0 are affected; the flaw is caused by improper validation of user-supplied input in the RPC handlers defined in beserver.exe. By sending a specially crafted RPC request with ID 93841fd0-16ce-11ce-850d-02608c44967b to the RPC service listening on TCP port 6106, a remote attacker could access the affected Windows system's Registry with administrative privileges.
* References:
  * http://www.kb.cert.org/vuls/id/584505
  * http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities&flashstatus=true
  * http://seer.support.veritas.com/docs/276605.htm
  * http://www.us-cert.gov/cas/techalerts/TA05-180A.html
  * http://secunia.com/advisories/15789
  * http://securitytracker.com/alerts/2005/Jun/1014273.html
  * http://www.hitachi-support.com/security_e/vuls_e/HS05-014_e/index-e.html
  * http://www.osvdb.org/17627
* Platforms Affected:
  * Veritas Software Backup Exec for Windows Servers 10.0 rev. 5484
  * Veritas Software Backup Exec for Windows Servers 9.1 rev. 4691
  * Veritas Software Backup Exec for Windows Servers 9.0 rev. 4454
  * Veritas Software Backup Exec for Windows Servers 9.0 rev. 4367
  * Microsoft Windows Any version |
Recommendation | Apply the appropriate hotfix for your system, as listed in the Veritas Document ID: 276605 at http://seer.support.veritas.com/docs/276605.htm |
Related URL | CVE-2005-0771 (CVE) |
Related URL | 14020 (SecurityFocus) |
Related URL | 21116 (ISS) |