Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.802985 |
Category: | Buffer overflow |
Title: | VERITAS Backup Exec Remote Agent Windows Servers BOF Vulnerability |
Summary: | This host is running VERITAS Backup Exec Remote Agent for Windows; Servers and is prone to buffer overflow vulnerability. |
Description: | Summary: This host is running VERITAS Backup Exec Remote Agent for Windows Servers and is prone to buffer overflow vulnerability. Vulnerability Insight: The flaw is due to insufficient input validation on CONNECT_CLIENT_AUTH requests. CONNECT_CLIENT_AUTH requests sent with an authentication method type '3' indicating Windows user credentials, and an overly long password argument can overflow the buffer and lead to arbitrary code execution. Vulnerability Impact: Successful exploitation will allow attackers to overflow a buffer and execute arbitrary code on the system. Affected Software/OS: Veritas Backup Exec Remote Agent versions 9.0 through 10.0 for Windows Servers Solution: Upgrade to Veritas Backup Exec Remote Agent 10.0 rev. 5520 for Windows Servers CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Cross-Ref: |
BugTraq ID: 14022 Common Vulnerability Exposure (CVE) ID: CVE-2005-0773 AUSCERT Advisory: AL-2005.013 http://www.securityfocus.com/bid/14022 Cert/CC Advisory: TA05-180A http://www.us-cert.gov/cas/techalerts/TA05-180A.html CERT/CC vulnerability note: VU#492105 http://www.kb.cert.org/vuls/id/492105 http://www.idefense.com/application/poi/display?id=272&type=vulnerabilities&flashstatus=true http://www.osvdb.org/17624 http://securitytracker.com/id?1014273 http://secunia.com/advisories/15789 |
Copyright | Copyright (c) 2012 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |