[virusinfo] Veritas Backup Exec vulnerabilities

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Fri, 24 Jun 2005 16:24:35 -0700

From: Panda Oxygen3 24h-365d wrote:

"Keep your fears to yourself, but share your courage with others." 
         Robert Louis Stevenson (1850-1894); British author.

         - Several vulnerabilities in Veritas Backup Exec -
 Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, June 24, 2005 - SecurityTracker has reported -at
http://securitytracker.com/alerts/2005/Jun/1014273.html- several
vulnerabilities in Veritas Backup Exec, which could allow a remote user
to cause the system to crash, modify the operating system configuration
or run arbitrary code.

The first flaw could allow a remote user to exploit a vulnerability in
the access control in Veritas Backup Exec for Windows and modify the
Window Registry with Administrator privileges.

Another of the security holes could allow a remote user to exploit
several flaws in VERITAS Backup Exec Remote Agent for Windows Servers
and Remote Agent for NetWare Servers and cause the system to crash. In
this case, the flaws lie in the incorrect handling of certain requests
and a reference to a null pointer.

The last vulnerability reported could allow a remote user to exploit a
buffer overflow vulnerability in the Veritas Software Backup Exec Remote
Agent in the processing of certain authentication requests and run
arbitrary code on the target system.

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If
this happens, just use the 'cut' and 'paste' options to join the pieces
of the URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner: 1) Mhtredir.gen; 2) Netsky.P; 3)
Sdbot.ftp; 4) Smitfraud.B; 5) Qhost.gen.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Veritas Backup Exec vulnerabilities

1. Home
2. virusinfo
3. Archive
4. 06-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---