




Re: Coverage for Backup Product Vulnerabilities

Subject: Re: Coverage for Backup Product Vulnerabilities
Date: Wed, 27 Jul 2005 09:26:04 -0400
Computer Associates Arcserve overflow is tested by:

- arcserve_universalagent_overflow.nasl / plugin id 18041 (safe network test)

There is a test to detect a default password too:

- arcserve_default_password.nasl / plugin id 16390 (safe network test)



Veritas Backup Exec is tested by:

- veritas_backup_exec_overflow.nasl / plugin id 16230. This plugin requires Windows credentials.
- veritas_backup_exec_overflow2.nasl / plugin id 16232. This plugin is a destructive attack and can crash the service (you need to disable 'safe checks' option).
- veritas_agent_overflow.nasl / plugin id 18551. This plugin is a destructive attack and can crash the service (you need to disable 'safe checks' option).


There is no way to do a 'safe network check' to detect if Veritas Backup Exec is patched or not.


And in addition, BakBone NetVault is tested by:

- netvault_remote_hbof.nasl / plugin id 18257 (safe network test)



Nicolas


On Jul 26, 2005, at 9:48 AM, Jersey, Steve wrote:

Do users in the Nessus community anticipate that new plug-ins will be developed shortly to scan for vulnerabilities associated to the Veritas and Computer Associates backup products? Yesterday, the SANS group (www.sans.org) published a Q2 update of the newest vulnerabilities discovered in the last 3 months. The vulnerabilities for these two software products were referenced as being “critical”. SANS did not associate these vulnerabilities to an existing Top 20 category item, but the vulnerabilities would involve Windows and Unix systems.



Our group has used Nessus for a couple years to scan critical servers in relation to auditing at various locations. We have become proficient with use of the tool, but we do not at this time have the technical capability to write our scripts.



Stephen P. Jersey

State of Maryland - Office of Legislative Audit

301 W. Preston St., Rm 1202

Baltimore, Md 21201

SJersey@ola.state.md.us









_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

