PT-2006-5655 · Symantec Veritas · Netbackup

Published

2006-12-14

Updated

2017-07-20

CVE-2006-4902

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec Veritas NetBackup versions 5.0 through 5.0 before MP7 Symantec Veritas NetBackup versions 5.1 through 5.1 before MP6 Symantec Veritas NetBackup versions 6.0 through 6.0 before MP4

Description The issue is related to the NetBackup bpcd daemon, which does not properly check for chained commands. This allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands.

Recommendations For Symantec Veritas NetBackup versions 5.0 through 5.0 before MP7, update to version 5.0 MP7 or later. For Symantec Veritas NetBackup versions 5.1 through 5.1 before MP6, update to version 5.1 MP6 or later. For Symantec Veritas NetBackup versions 6.0 through 6.0 before MP4, update to version 6.0 MP4 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4902

Affected Products

Netbackup

PT-2006-5655 · Symantec Veritas · Netbackup

CVE-2006-4902

Related Identifiers

Affected Products

References · 9