From: Panda Oxygen3 24h-365d wrote: "Keep your fears to yourself, but share your courage with others." Robert Louis Stevenson (1850-1894); British author. - Several vulnerabilities in Veritas Backup Exec - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, June 24, 2005 - SecurityTracker has reported -at http://securitytracker.com/alerts/2005/Jun/1014273.html- several vulnerabilities in Veritas Backup Exec, which could allow a remote user to cause the system to crash, modify the operating system configuration or run arbitrary code. The first flaw could allow a remote user to exploit a vulnerability in the access control in Veritas Backup Exec for Windows and modify the Window Registry with Administrator privileges. Another of the security holes could allow a remote user to exploit several flaws in VERITAS Backup Exec Remote Agent for Windows Servers and Remote Agent for NetWare Servers and cause the system to crash. In this case, the flaws lie in the incorrect handling of certain requests and a reference to a null pointer. The last vulnerability reported could allow a remote user to exploit a buffer overflow vulnerability in the Veritas Software Backup Exec Remote Agent in the processing of certain authentication requests and run arbitrary code on the target system. NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1) Mhtredir.gen; 2) Netsky.P; 3) Sdbot.ftp; 4) Smitfraud.B; 5) Qhost.gen. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member