Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[VulnWatch] Veritas BackupExec Agent vulnerability

from [Brad Zimmerman] Network Security [Permanent Link]
Subject: [VulnWatch] Veritas BackupExec Agent vulnerability
Date: Fri, 17 Dec 2004 07:05:13 -0800 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://isc.sans.org/

[The following text was taken directly from the isc.sans.org site.  I
did not discover this vulnerability and I'm not taking any credit for
it.  Simply haven't seen this on the Vulnwach list.]

"A remote vulnerability in Veritas BackupExec Agent has been discovered.
This vulnerability is especially serious as it does not require any
authentication before the service can be exploited, and by their very
nature, backup servers tend to both be reachable by, and have access to,
a large number of systems within an organization. If you run BackupExec,
patches are available for both Version 8.6.x
http://seer.support.veritas.com/docs/273422.htm and Version 9.1.x
http://seer.support.veritas.com/docs/273420.htm";


- --
Sent via the web's best browser/email client - Mozilla v1.7.3
Verify my PGP signature!  Was it I or an imposter who sent this email?
PGP Key: BAA7260D FP: 3F87 632E 2513 06E3 D7EE  1C94 ACAD 1187 BAA7 260D
See my PGP FP/key at: http://exocet.ca and http://slashdot.org/~Exocet


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBwvWorK0Rh7qnJg0RAkd0AKCijlJAKQOHW4is6kO0nuYxQYb4vwCfVVEb
SA052q6acCEsK+xYiRUHHB4=
=9jWc
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [VulnWatch] Veritas BackupExec Agent vulnerability, Brad Zimmerman <=
Previous by Date:  iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability, customer service mailbox
Next by Date:  [Full-Disclosure] Re: Linux kernel IGMP vulnerabilities, Timothy Hall
Previous by Thread:  iDEFENSE Security Advisory 12.15.04: Computer Associates eTrust EZ Antivirus Insecure File Permission Vulnerability, customer service mailbox
Next by Thread:  [Full-Disclosure] Re: Linux kernel IGMP vulnerabilities, Timothy Hall
Indexes:  [Date] [Thread] [Top] [All Lists]