VERITAS NetBackup bpcd daemon command chaining vulnerability

Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...

VERITAS NetBackup bpcd daemon command chaining vulnerability

Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...

VERITAS NetBackup bpcd daemon command chaining vulnerability

Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...

Symantec Veritas NetBackup bpcd daemon fails to properly validate commands

Overview Symantec Veritas NetBackup is vulnerable to command chaining, which may allow a remote, authenticated attacker to execute arbitrary commands on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon fails t...

CVE-2006-5822

Stack-based buffer overflow in the NetBackup bpcd daemon bpcd.exe in Symantec Veritas NetBackup 5.0 before 5.0MP7, 5.1 before 5.1MP6, and 6.0 before 6.0MP4 allows remote attackers to execute arbitrary code via a long CONNECTOPTIONS request, a different issue than CVE-2006-6222...

CVE-2006-6222

Stack-based buffer overflow in the NetBackup bpcd daemon bpcd.exe in Symantec Veritas NetBackup 5.0 before 5.0MP7, 5.1 before 5.1MP6, and 6.0 before 6.0MP4 allows remote attackers to execute arbitrary code via a long request with a malformed length prefix...

CVE-2006-4902

CVE-2006-4902 affects the NetBackup bpcd daemon (bpcd.exe) on Windows, where the daemon fails to properly validate chained commands, enabling a remote attacker to append malicious commands to valid ones and execute arbitrary code. Affected versions include NetBackup 5.0 up to 5.0_MP7, 5.1 up to 5...

CVE-2006-6222

Symantec Veritas NetBackup is affected by a stack-based buffer overflow in the bpcd daemon (bpcd.exe) caused by parsing of overly long requests with a malformed length prefix. The vulnerability affects NetBackup 5.0 before MP7, 5.1 before MP6, and 6.0 before MP4. An unauthenticated remote attacke...

CVE-2006-5822

CVE-2006-5822 affects Symantec Veritas NetBackup bpcd daemon (bpcd.exe). The vulnerability is a boundary/buffer overflow in handling overly long CONNECT_OPTIONS requests to NetBackup Master/Media Servers (bpcd listens on 13782/tcp). Exploitation can allow remote code execution with the privileges...