Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Veritas pulls (some) patches for Backup Exec - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Veritas pulls (some) patches for Backup Exec
Symantec yesterday released two new security advisories about vulnerabilities in Veritas Backup Exec.

The first vulnerability, described in SYM06-004 allows a malicious user crashing of the Backup Exec Remote Agent by sending a specially malformed packet.
This leads to a DoS attack on the service, but considering that this is typically used for backups of critical data, the severity could be pretty high (it's easy to imagine a scenario when you need business critical data that was supposed to be backed up yesterday, but it wasn't due to the Backup Exec crashing).
In normal circumstances we would say to update as soon as possible, but it looks like there are some issues with some of the patches (we got a submission from one of our readers, thanks Charles). Symantec also pulled patches for Backup Exec 10d (10.1) and 10.0 for Windows Servers - the original advisory available at says that the hotfix has temporarily been removed and will be re-released later.

The other advisory (SYM06-005) is related to a low risk vulnerability in the Job Engine service. This vulnerability can be exploited only in certain circumstances ("full details" logging has to be enabled, and a user has to host a specially formatted file on their system). Details about this vulnerability can be found at
I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Pen Test Hackfest Europe 2022 - Berlin


403 Posts
ISC Handler
Mar 22nd 2006

Sign Up for Free or Log In to start participating in the conversation!