Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NT] Symantec BEWS Multiple DoS in Job Engine

from [SecuriTeam] Network Security [Permanent Link]
Subject: [NT] Symantec BEWS Multiple DoS in Job Engine
Date: 29 Nov 2007 15:18:54 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Symantec BEWS Multiple DoS in Job Engine
------------------------------------------------------------------------


SUMMARY

Symantec Backup Exec for Windows Servers (BEWS) may be susceptible to 
multiple denial of service attacks (DoS) if maliciously formatted packets 
are passed to the BEWS Job Engine.

DETAILS

Vulnerable Systems:
 * Symantec Backup Exec for Windows Servers 11d (1.0.6235)
 * Symantec Backup Exec for Windows Servers 11d (11.0.7170)

Secunia Research notified Symantec of three DoS issues involving erroneous 
packet handling affecting components of the Symantec Backup Exec for 
Windows Servers Job Engine.  One is a null-pointer dereference issue that 
crashes the listening service, and two additional issues involving integer 
overflows that can force the service into an infinite loop resulting in 
memory exhaustion or high CPU utilization.  Successful exploitation 
requires access to the affected port. In normal installations this would 
require the attacker to have authorized but non-privileged access to the 
network on which the targeted server resides to leverage network 
communications. A successful attack could result in termination of the 
targeted service and loss of scheduling services or potentially loss of 
access to the application until the service is restarted or the targeted 
activity ceases.

Symantec Response
Symantec engineers have addressed this issue in all affected builds of the 
identified product.  Security updates are available for all affected 
product builds.

Symantec strongly recommends all customers apply the latest security 
update as indicated for their supported product versions to protect 
against threats of this nature. Symantec knows of no exploitation of or 
adverse customer impact from these issues.

The patch listed above for affected products is available from the 
following location:
Build 6235:   <http://support.veritas.com/docs/294241> 
http://support.veritas.com/docs/294241
Build 7170:   <http://support.veritas.com/docs/294237> 
http://support.veritas.com/docs/294237

Best Practices
As part of normal best practices, Symantec recommends:
 * Restrict access to administration or management systems to authorized 
privileged users
 * Block remote access to all ports not essential for efficient operation
 * Restrict remote access, if required, to trusted/authorized systems only
 * Remove/disable unnecessary accounts or restrict access according to 
security policy as required
 * Run under the principle of least privilege where possible
 * Keep all operating systems and applications updated with the latest 
vendor patches
 * Follow a multi-layered approach to security. Run both firewall and 
antivirus applications, at a minimum, to provide multiple points of 
detection and protection to both inbound and outbound threats
 * Deploy network intrusion detection systems to monitor network traffic 
for signs of anomalous or suspicious activity. This may aid in detection 
of attacks or malicious activity related to exploitation of latest 
vulnerabilities

CVE Information:
 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4346> 
CVE-2007-4346,  
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4347> 
CVE-2007-4347


ADDITIONAL INFORMATION

The information has been provided by  <mailto:secure@symantec.com> 
Symantec Secure.
The original article can be found at:  
<http://www.symantec.com/avcenter/security/Content/2007.11.27.html> 
http://www.symantec.com/avcenter/security/Content/2007.11.27.html



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NT] Symantec BEWS Multiple DoS in Job Engine, SecuriTeam <=
Previous by Date:  [NT] Symantec Backup Exec Job Engine Denial of Service, SecuriTeam
Next by Date:  [NT] TIBCO Rendezvous RVD Daemon Memory Leak DoS, SecuriTeam
Previous by Thread:  [NT] Symantec Backup Exec Job Engine Denial of Service, SecuriTeam
Next by Thread:  [NT] TIBCO Rendezvous RVD Daemon Memory Leak DoS, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]