PT-2007-5532 · Symantec · Symantec Backup Exec

Published: 2007-11-29 · Updated: 2018-10-15 · CVE-2007-4347

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Symantec Backup Exec for Windows Servers versions 11.0.6.6235 through 11.0.7170

Description

Multiple integer overflows in the Job Engine service can be exploited by remote attackers. A crafted packet sent to port 5633/tcp triggers an infinite loop, and the resulting CPU and memory consumption leads to a denial of service.

Recommendations

For Symantec Backup Exec for Windows Servers versions 11.0.6.6235 through 11.0.7170, consider restricting access to port 5633/tcp to minimize the risk of exploitation. As a temporary workaround, limiting the resources available to the Job Engine service may help mitigate the impact of the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2007-4347

Affected Products

Symantec Backup Exec