ID: SAINT:B69CE1E75E71B6BDA10ACED07A36C37B
Publisher: SAINT Corporation
Published: Dec 22, 2005 - 12:00 a.m.

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Source: my.saintcorporation.com

CVSS2: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.966 High
Percentile: 99.6%

Added: 12/22/2005
CVE: CVE-2005-0773
BID: 14022
OSVDB: 17624

Background

VERITAS Backup Exec is a network backup solution for Windows and NetWare servers.

Problem

VERITAS Backup Exec is affected by a buffer overflow when handling **CONNECT_CLIENT_AUTH** requests with the Windows user authentication type. A very long password could overflow the buffer, leading to command execution.

Resolution

See VERITAS Security Advisory VX05-002.

References

[http://www.idefense.com/intelligence/vulnerabilities/display.php?id=272&type=vulnerabilities](<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=272&type=vulnerabilities>)

Limitations

Exploit works on Backup Exec 9.1 on Windows platforms.

Platforms

Windows 2000
Windows XP / Windows Server 2003
