iDEFENSE Security Advisory 11.10.05 - Exploitation of a buffer overflow vulnerability in Veritas NetBackup could lead to a remote denial of service or remote code execution. The Veritas NetBackup Volume Manager keeps track of the location of volumes (tapes) needed for backup or restore. Sending a specially crafted packet to the Volume Manager causes a stack overflow, which results from improper bounds checking. Confirmed vulnerable: Veritas NetBackup 5.0 with MP1 (vmd.exe 5.0.0.370), Veritas NetBackup 5.0 with MP2 (vmd.exe 5.0.0.372), Veritas NetBackup 5.0 with MP3 (vmd.exe 5.0.0.377), Veritas NetBackup 5.0 with MP4 (vmd.exe 5.0.0.382), Veritas NetBackup 5.0 with MP5 (vmd.exe 5.0.0.387), Veritas NetBackup 5.1 without MP (vmd.exe 5.1.0.135), Veritas NetBackup 5.1 with MP1 (vmd.exe 5.1.0.140), Veritas NetBackup 5.1 with MP2 (vmd.exe 5.1.0.146), Veritas NetBackup 5.1 with MP3A (vmd.exe 5.1.0.150).
0ac9d8914a2943178c3bae5978669d615d29fc3c632ed89f22964e6488d7f562
Veritas NetBackup v4/v5 "Volume Manager Daemon" remote stack overflow exploit.
6bf7782bcf9b0245b5dabd142ec6d47ca62c1fc2f9680b45ea2ab2ef81f1da93