Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Veritas Exploit on the web - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Veritas Exploit on the web

FrSIRT has notified the ISC that a new exploit has been released utilizing the Stack Overflow vulnerability in Veritas Netbackup Enterprise Server.  As a reminder, a specifically crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing.  Authentication by the attacker is not needed to take advantage of this vulnerability.  

The vulnerability that this exploit takes advantage of is ~60 days old.  The downside of this exploit is that, in one pass, an attacker would have the ability to create a disaster, and then destroy a company's ability to recover from said disaster.

The security packs that address this vulnerability, Symantec Advisory #SYM05-024, can be found here. 

Thanx again to FrSIRT for providing the update.

Tony

150 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!