Nibin

**Name of the Vulnerable Software and Affected Versions** Symantec Backup Exec versions 11.0 through 13.0 R2 **Description** The issue allows man-in-the-middle attackers to execute NDMP commands via unspecified vectors, due to the lack of validation of identity information sent between the media server and the remote agent. **Recommendations** For Symantec Backup Exec versions 11.0 through 13.0 R2, consider restricting access to the remote agent to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** HP Data Protector Express and Express SSE versions 3.x before build 47065 HP Data Protector Express and Express SSE versions 4.x before build 46537 **Description** The issue affects the dpwinsup module, allowing remote attackers to cause a denial of service or read portions of memory via crafted packets. **Recommendations** For versions 3.x, update to build 47065 or later to resolve the issue. For versions 4.x, update to build 46537 or later to resolve the issue.