PT-2005-1802 · Veritas · Veritas Backup Exec Remote Agent

Pedram Amini

Publicado

2005-06-18

Atualizado

2011-03-08

CVE-2005-0773

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions VERITAS Backup Exec Remote Agent versions 9.0 through 10.0 for Windows VERITAS Backup Exec Remote Agent versions 9.0.4019 through 9.1.307 for Netware

Description A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a "CONNECT CLIENT AUTH" request with authentication method type 3 (Windows credentials) and a long password argument.

Recommendations For VERITAS Backup Exec Remote Agent versions 9.0 through 10.0 for Windows, update to a version outside of the affected range to resolve the issue. For VERITAS Backup Exec Remote Agent versions 9.0.4019 through 9.1.307 for Netware, update to a version outside of the affected range to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0773

Produtos afetados

Veritas Backup Exec Remote Agent

PT-2005-1802 · Veritas · Veritas Backup Exec Remote Agent

CVE-2005-0773

Identificadores relacionados

Produtos afetados

Referências · 12