
SANS ISC: Veritas Exploit on the web - SANS Internet Storm Center SANS ISC InfoSec Forums


Veritas Exploit on the web

FrSIRT has notified the ISC that a new exploit has been released for the stack overflow vulnerability in Veritas NetBackup Enterprise Server. As a reminder, a specially crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing. Authentication by the attacker is not needed to take advantage of this vulnerability.

The vulnerability that this exploit takes advantage of is ~60 days old.  The downside of this exploit is that, in one pass, an attacker would have the ability to create a disaster, and then destroy a company's ability to recover from said disaster.

The security packs that address this vulnerability, Symantec Advisory #SYM05-024, can be found here. 

Thanks again to FrSIRT for providing the update.

Tony

ISC Handler
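Because the Volume Manager port accepts unauthenticated packets, a useful check while patches roll out is to see which hosts are reaching port 13701 at all. The following is an added example, not part of the original diary entry: it scans iptables-style firewall log lines and reports sources outside an allowlist of backup infrastructure. The log lines, addresses and the `ALLOWED_SOURCES` range are constructed assumptions.

```python
import ipaddress
import re

VMD_PORT = 13701  # Volume Manager port named in the diary entry

# Assumption: the only hosts that should talk to the Volume Manager
# (constructed range, replace with your backup servers and clients).
ALLOWED_SOURCES = [ipaddress.ip_network("10.0.5.0/28")]

# Constructed iptables-style LOG lines, not captured traffic.
SAMPLE_LOG = """\
Jan 10 03:12:44 fw kernel: IN=eth0 OUT=eth1 SRC=10.0.5.3 DST=10.0.5.20 PROTO=TCP SPT=40112 DPT=13701 SYN
Jan 10 03:12:51 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=10.0.5.20 PROTO=TCP SPT=51522 DPT=13701 SYN
Jan 10 03:12:52 fw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=10.0.5.21 PROTO=TCP SPT=51530 DPT=13701 SYN
Jan 10 03:13:05 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.9 DST=10.0.5.20 PROTO=TCP SPT=44321 DPT=443 SYN
Jan 10 03:13:09 fw kernel: IN=eth0 OUT=eth1 SRC=192.0.2.44 DST=10.0.5.20 PROTO=UDP SPT=5353 DPT=13701
Jan 10 03:13:11 fw kernel: truncated line without fields
"""

FIELD = re.compile(r"\b(SRC|DST|DPT)=(\S+)")


def is_allowed(src):
    """True if the source address falls inside an allowlisted network."""
    return any(src in net for net in ALLOWED_SOURCES)


def unexpected_vmd_clients(log_text):
    """Map each non-allowlisted source IP to the set of hosts it reached on VMD_PORT."""
    hits = {}
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        if not {"SRC", "DST", "DPT"} <= fields.keys():
            continue  # malformed or unrelated line
        if fields["DPT"] != str(VMD_PORT):
            continue
        try:
            src = ipaddress.ip_address(fields["SRC"])
        except ValueError:
            continue  # unparsable address, skip rather than crash
        if not is_allowed(src):
            hits.setdefault(fields["SRC"], set()).add(fields["DST"])
    return hits


if __name__ == "__main__":
    for src, dsts in sorted(unexpected_vmd_clients(SAMPLE_LOG).items()):
        print(f"{src} -> port {VMD_PORT} on {len(dsts)} host(s): {', '.join(sorted(dsts))}")
```

A source that appears against several destinations, as 203.0.113.7 does in the constructed sample, is worth reviewing first, and any hit from outside the backup network argues for filtering the port at the perimeter.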
