Lucene search

K
zdiThis vulnerability was discovered by Kevin Finisterre with exploitation assistance from JohnH.ZDI-05-001
HistoryOct 12, 2005 - 12:00 a.m.

VERITAS NetBackup Remote Code Execution

2005-10-1200:00:00
This vulnerability was discovered by Kevin Finisterre with exploitation assistance from JohnH.
www.zerodayinitiative.com
55

0.933 High

EPSS

Percentile

99.1%

This vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the bpjava-msvc daemon due to incorrect handling of format string data passed through the β€˜COMMAND_LOGON_TO_MSERVER’ command. The vulnerable daemon listens on TCP port 13722 and affects both NetBackup clients and servers.