Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:5F94CECE2F238D2FF8B0EA4B863EFB8F
HistoryApr 07, 2006 - 12:00 a.m.

VERITAS Backup Exec Agent Browser hostname buffer overflow

2006-04-0700:00:00
SAINT Corporation
my.saintcorporation.com
14

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON

Added: 04/07/2006
CVE: CVE-2004-1172
BID: 11974
OSVDB: 12418

Background

VERITAS Backup Exec for Windows is a data backup and recovery solution.

Problem

A buffer overflow in the VERITAS Backup Exec Agent Browser allows a remote attacker to execute commands by sending a long, specially crafted hostname in a registration request.

Resolution

Apply the hotfix referenced in VERITAS support document 273419.

References

<http://www.kb.cert.org/vuls/id/907729&gt;
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=169&gt;

Limitations

Exploit works on VERITAS Backup Exec 9.1.

Platforms

Windows

Related

saint 3
openvas 1
cvelist 1
nessus 2
cert 1
nvd 1
packetstorm 1
checkpoint_advisories 1
securityvulns 1
cve 1
saint
saint
VERITAS Backup Exec Agent Browser hostname buffer overflow
2006-04-07 00:00:00
VERITAS Backup Exec Agent Browser hostname buffer overflow
2006-04-07 00:00:00
VERITAS Backup Exec Agent Browser hostname buffer overflow
2006-04-07 00:00:00
openvas
openvas
VERITAS Backup Exec Agent Browser Remote Buffer Overflow Vulnerability
2012-10-11 00:00:00
cvelist
cvelist
CVE-2004-1172
2004-12-22 05:00:00
nessus
nessus
Veritas Backup Exec Agent Browser 8.x < 8.60.3878 HF 68 / 9.0.x < 9.0.4454 HF 30 / 9.1.x < 9.1.4691 HF 40 RCE
2005-01-24 00:00:00
VERITAS Backup Exec Agent Browser Registration Request Remote Overflow
2005-01-24 00:00:00
cert
cert
Veritas Backup Exec registration request buffer overflow
2005-01-14 00:00:00
nvd
nvd
CVE-2004-1172
2005-01-10 05:00:00
packetstorm
packetstorm
Veritas Backup Exec Name Service Overflow
2009-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Veritas Backup Exec Agent Browser Registration Request Buffer Overflow (CVE-2004-1172)
2009-10-13 00:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability
2004-12-17 00:00:00
cve
cve
CVE-2004-1172
2005-01-10 05:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON
Related for SAINT:5F94CECE2F238D2FF8B0EA4B863EFB8F
saint3openvas1cvelist1nessus2cert1nvd1packetstorm1checkpoint_advisories1securityvulns1cve1