PT-2005-1802 · Veritas · Veritas Backup Exec Remote Agent

Pedram Amini

Published

2005-06-18

Updated

2011-03-08

CVE-2005-0773

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions VERITAS Backup Exec Remote Agent versions 9.0 through 10.0 for Windows VERITAS Backup Exec Remote Agent versions 9.0.4019 through 9.1.307 for Netware

Description A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a "CONNECT CLIENT AUTH" request with authentication method type 3 (Windows credentials) and a long password argument.

Recommendations For VERITAS Backup Exec Remote Agent versions 9.0 through 10.0 for Windows, update to a version outside of the affected range to resolve the issue. For VERITAS Backup Exec Remote Agent versions 9.0.4019 through 9.1.307 for Netware, update to a version outside of the affected range to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0773

Affected Products

Veritas Backup Exec Remote Agent

PT-2005-1802 · Veritas · Veritas Backup Exec Remote Agent

CVE-2005-0773

Related Identifiers

Affected Products

References · 12