VERITAS NetBackup is a backup and recovery solution for multiple platforms.
The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the commands to valid commands.
Apply one of the maintenance packs referenced in the Symantec Security Advisory.
Exploit works on VERITAS NetBackup 5.0 and requires the target host to have the ability to connect back to SAINTexploit on ports 990/TCP and 69/UDP.
In order for the exploit to succeed, the address of the host running SAINTexploit must be present in Unicode format in the following registry key on the target:
This exploit requires the PERL threads module to be installed on the host running SAINTexploit.