VERITAS Backup Exec software exploit poses serious threat “The VERITAS Backup Exec Remote Agent for Windows contains a buffer overflow that may allow an unauthenticated, remote attacker to compromise a system and execute arbitrary code with administrative privileges. “VERITAS Backup Exec is a data backup and recovery solution with support for network-based backups. The VERITAS Backup Exec Remote Agent is installed on systems that are to be backed up. It listens on TCP port 10000 for messages indicating that a backup should occur. “The remote agent software fails to properly validate incoming packets, which allows a buffer overflow to occur. Specially crafted authentication messages can be used to trigger the buffer overflow, making it possible for an unauthenticated attacker to exploit this vulnerability. “Exploit code for this vulnerability is publicly available. In addition, we have received credible reports that this vulnerability is being actively exploited to execute arbitrary code with Local System privileges. We have also seen increased scanning activity on port 10000/tcp. This increase is believed to be attempts to locate vulnerable systems running the VERITAS Backup Exec Remote Agent. “In addition, US-CERT is investigating other, potentially serious vulnerabilities in VERITAS backup software.” For more details see: http://www.us-cert.gov/cas/techalerts/TA05-180A.html
•Date: 1st July 2005 • Region: US/World • Type:
Article •Topic:
Warnings |
