CVE-2017-6399

Veritas NetBackup (Server/Client) prior to 7.7.2 and NetBackup Appliance prior to 2.7.2/3.1.0 is affected by a Privileged remote command execution vulnerability. Multiple connected advisories (Veritas VTS17-003, CNVD/CVE-2017-6399) confirm an arbitrary/root-level command execution vector on the N...

CVE-2017-6404

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There are world-writable log files, allowing destruction or spoofing of log data...

CVE-2017-6399

An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client on the server or a connected client can occur...

CVE-2017-6401

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat...

CVE-2017-6401

CVE-2017-6401 affects Veritas NetBackup (before 8.0) and NetBackup Appliance (before 3.0). The issue enables local arbitrary command execution when using the bpcd and bpnbat components. The connected documents corroborate the affected products and the local-execution vector but do not provide con...

CVE-2017-6407

CVE-2017-6407 affects Veritas NetBackup before 7.7.2 and NetBackup Appliance before 2.7.2. The issue allows privileged remote command execution on NetBackup Server and on a connected NetBackup client (server or client side). The vulnerability’s root cause is described as a privileged remote comma...

CVE-2017-6408

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. A local-privilege-escalation race condition in pbxexchange can occur when a local user connects to a socket before permissions are secured...

CVE-2017-6404

Veritas NetBackup before 7.7 and NetBackup Appliance before 2.7 contain a vulnerability where world-writable log files can be destroyed or spoofed. This is documented in CVE-2017-6404 and reflected across multiple sources (NVD entry; Nessus plugin). The initial disclosures do not provide remediat...

CVE-2017-6406

CVE-2017-6406 affects Veritas NetBackup (Before 7.7.2) and NetBackup Appliance (Before 2.7.2). It enables arbitrary privileged command execution via a whitelist directory escape using substrings like "../". The root cause is a directory traversal that can lead to privilege escalation with local a...

Veritas NetBackup DoS / Command Execution / Privilege Escalation / Traversal

Veritas NetBackup and NetBackup appliance - Multiple Vulnerabilities -------------------------------------------------------------------- Introduction ============ Multiple critical vulnerabilities were identified in Veritas NetBackup and NetBackup appliance. The vulnerabilities were discovered...

Code injection

scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense...

CVE-2016-7399

scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense...

CVE-2016-7399

scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense...

CVE-2016-7399

scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense...

CVE-2016-7399

CVE-2016-7399 affects Veritas NetBackup Appliance, with remote command execution via shell metacharacters in the hostName parameter to appliancews/getLicense. Versions affected include 2.6.0.x up to 2.6.0.4, 2.6.1.x up to 2.6.1.2, 2.7.x up to 2.7.3, and 3.0.x. The root cause is unsafely handled h...

Symantec NetBackup Security Bypass Vulnerability

Symantec NetBackup is the United States Symantec Symantec company a set of data backup and recovery software suite designed for business users. A security vulnerability exists in the NetApp plug-in in versions prior to Symantec NetBackup 2.0.1 due to the program's use of non-unique server...

CVE-2016-7171

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation...

CVE-2016-7171

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation...

Information disclosure

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation...

CVE-2016-7171

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation...