Nicolas Pouvesle

**Name of the Vulnerable Software and Affected Versions** Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server versions 9.1 through 9.2 Symantec Backup Exec Continuous Protection Server Remote Agent for Windows Server version 10.1 Symantec Backup Exec for Windows Server and Remote Agent versions 9.1 through 10.1 **Description** The issue is related to multiple heap-based buffer overflows that can be triggered by remote attackers sending a crafted RPC message. This can cause a denial of service, resulting in an application crash, and potentially allow the execution of arbitrary code. **Recommendations** For Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server versions 9.1 through 9.2, update to a version that is not affected by this issue. For Symantec Backup Exec Continuous Protection Server Remote Agent for Windows Server version 10.1, update to a version that is not affected by this issue. For Symantec Backup Exec for Windows Server and Remote Agent versions 9.1 through 10.1, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the RPC service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to Server 2003 SP2 Microsoft Windows 2000 SP4 Microsoft Windows XP SP1 and SP2 **Description** The issue allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized. This is due to an information disclosure vulnerability in the Server service, which could allow an attacker to view fragments of memory used to store SMB traffic during transport. **Recommendations** For Microsoft Windows 2000 SP4, consider applying the necessary security patches to resolve the issue. For Microsoft Windows XP SP1 and SP2, update to a newer service pack to mitigate the risk. For Microsoft Windows Server 2003 up to SP1, apply the security update or upgrade to Server 2003 SP2 or later. As a temporary workaround, consider restricting access to the Server service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EMC Retrospect Client versions 5.1 through 7.5 **Description** The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. **Recommendations** For versions 5.1 through 7.5, update to a version that contains a fix for this issue to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** CA Message Queuing (CAM / CAFT) versions before 1.07 Build 220 16 CA Message Queuing (CAM / CAFT) versions before 1.11 Build 29 20 **Description** The issue allows remote attackers to cause a denial of service via spoofed CAM control messages. **Recommendations** For CA Message Queuing (CAM / CAFT) versions before 1.07 Build 220 16, update to version 1.07 Build 220 16 or later. For CA Message Queuing (CAM / CAFT) versions before 1.11 Build 29 20, update to version 1.11 Build 29 20 or later.