PT-2006-6497 · Symantec Veritas · Netbackup

Sebastian Apelt

Published

2006-12-14

Updated

2018-10-17

CVE-2006-5822

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Symantec Veritas NetBackup versions 5.0 through 5.0 before MP7 Symantec Veritas NetBackup versions 5.1 through 5.1 before MP6 Symantec Veritas NetBackup versions 6.0 through 6.0 before MP4

Description: A stack-based buffer overflow issue exists in the NetBackup bpcd daemon, allowing remote attackers to execute arbitrary code via a long CONNECT OPTIONS request.

Recommendations: For Symantec Veritas NetBackup versions 5.0 through 5.0 before MP7, update to version 5.0 MP7 or later. For Symantec Veritas NetBackup versions 5.1 through 5.1 before MP6, update to version 5.1 MP6 or later. For Symantec Veritas NetBackup versions 6.0 through 6.0 before MP4, update to version 6.0 MP4 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5822

Affected Products

Netbackup

PT-2006-6497 · Symantec Veritas · Netbackup

CVE-2006-5822

Related Identifiers

Affected Products

References · 10