6.5 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:H/Au:S/C:C/I:C/A:C
Symantec Backup Exec 12.5 - Man In The Middle
Exploit Title: Symantec Backup Exec MiTM Attack
Date: 27/05/2011
Author: Nibin
Software Link: http://www.symantec.com/business/products/family.jsp?familyid=backupexec
Version:
- Symantec Backup Exec for Windows Servers versions 11.0, 12.0, and 12.5
- Symantec Backup Exec 2010 versions 13.0 and 13.0 R2
Tested on: Tested on Symantec Backup Exec 12.5 for Windows Servers
CVE : CVE-2011-0546
BID: 47824
Symantec Disclosure link:
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110526_00
iViZ Disclosure link: goo.gl/1vzdE
Exploit Code: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/17517.zip (SymantecReplay.zip)