Lucene search

SAINT CorporationSAINT:17BBAE3AB75F00DAE72BDE3720D8FFEF

HistoryApr 14, 2006 - 12:00 a.m.

VERITAS NetBackup vnetd bpspsserver buffer overflow

2006-04-1400:00:00

SAINT Corporation

download.saintcorporation.com

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.713 High

EPSS

Percentile

97.7%

JSON

Added: 04/14/2006
CVE: CVE-2006-0991
BID: 17264
OSVDB: 24170

Background

VERITAS NetBackup is a backup and recovery solution for multiple platforms.

Problem

A buffer overflow in **bpspsserver** allows a remote attacker to execute arbitrary commands by sending a specially crafted Request Service message to the **vnetd** service.

Resolution

Apply the update referenced in Symantec Advisory SYM06-006.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1641.html>

Limitations

Exploit works on VERITAS NetBackup 6.0.

Platforms

Windows XP

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.713 High

EPSS

Percentile

97.7%

JSON

Related for SAINT:17BBAE3AB75F00DAE72BDE3720D8FFEF