10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.95 High
EPSS
Percentile
99.3%
Added: 04/07/2006
CVE: CVE-2004-1172
BID: 11974
OSVDB: 12418
VERITAS Backup Exec for Windows is a data backup and recovery solution.
A buffer overflow in the VERITAS Backup Exec Agent Browser allows a remote attacker to execute commands by sending a long, specially crafted hostname in a registration request.
Apply the hotfix referenced in VERITAS support document 273419.
<http://www.kb.cert.org/vuls/id/907729>
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=169>
Exploit works on VERITAS Backup Exec 9.1.
Windows