3 matches found
Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload
The remote host appears to be running Symantec Backup Exec System Recovery Manager, a backup manager solution. The version of Recovery Manager on the remote host includes the Tomcat Servlet 'FileUpload' that fails to validate the user input. An unauthenticated attacker may be able to exploit this...
CVE-2008-0457
The CVE-2008-0457 issue affects Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, where the FileUpload class on the Symantec LiveState Apache Tomcat server (Tomcat running on TCP ports 8080 and 8443 per ZDI) fails to validate input, allowing remote attackers to upload and execute arbitr...
ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability
ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-003.html February 6, 2008 -- CVE ID: CVE-2008-0457 -- Affected Vendor: Symantec -- Affected Products: Backup Exec System Recovery Manager 7.0 Backup Exec System Recovery Manager...