Lucene search
SAINT CorporationSAINT:3302B755E322907B471AB7161A6A4178HistoryDec 22, 2005 - 12:00 a.m.
VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow
2005-12-2200:00:00
SAINT Corporation
www.saintcorporation.com
16
0.966 High
EPSS
Percentile
99.6%
Added: 12/22/2005
CVE: CVE-2005-0773
BID: 14022
OSVDB: 17624
Background
VERITAS Backup Exec is a network backup solution for Windows and Netware servers.
Problem
VERITAS Backup Exec is affected by a buffer overflow when handling **CONNECT_CLIENT_AUTH** requests with the Windows user authentication type. A very long password could overflow the buffer, leading to command execution.
Resolution
VERITAS Security Advisory VX05-002.
References
[http://www.idefense.com/intelligence/vulnerabilities/display.php?id=272&type=vulnerabilities ](<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=272&type=vulnerabilities
>)
Limitations
Exploit works on Backup Exec 9.1 on Windows platforms.
Platforms
Windows 2000
Windows XP / Windows Server 2003
Related
securityvulns
securityvulns
nvd
nvd
CVE-2005-0773
2005-06-18 04:00:00
saint
saint
VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow
2005-12-22 00:00:00
VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow
2005-12-22 00:00:00
VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow
2005-12-22 00:00:00
openvas
openvas
VERITAS Backup Exec Remote Agent Windows Servers BOF Vulnerability
2012-10-15 00:00:00
cvelist
cvelist
CVE-2005-0773
2005-06-29 04:00:00
nessus
nessus
VERITAS Backup Exec Agent for Windows CONNECT_CLIENT_AUTH Remote Overflow
2005-06-23 00:00:00
cve
cve
CVE-2005-0773
2005-06-29 04:00:00
packetstorm
packetstorm
backupexec_agent.pm.txt
2005-06-29 00:00:00
Veritas Backup Exec Windows Remote Agent Overflow
2009-10-30 00:00:00
cert
cert