VERITAS NetBackup is a backup and recovery solution for multiple platforms.
The Volume Manager Daemon (VMD) has an error in its shared library allowing for a buffer overflow. A specially crafted request sent to port 13701/tcp on a NetBackup server or client could result in command execution with root or system privileges.
Apply the patch referenced in Symantec advisory 05-024.
Exploit works on VERITAS NetBackup Server 5.1. Due to small buffer size, the target must be able to connect back to the attack host to retrieve the shell code.