iDEFENSE Security Advisory 11.10.05 - Exploitation of a buffer overflow vulnerability in Veritas Netbackup could lead to a remote Denial Of Service or remote code execution. The Veritas Netbackup Volume Manager keeps track of the location of volumes (tapes) needed for backup or restore. By sending a specially crafted packet to the Volume Manager stack overflow occurs. This is caused by improper bounds checking. Confirmed vulnerable: Veritas Netbackup 5.0 with MP1 (vmd.exe 5.0.0.370), Veritas Netbackup 5.0 with MP2 (vmd.exe 5.0.0.372), Veritas Netbackup 5.0 with MP3 (vmd.exe 5.0.0.377), Veritas Netbackup 5.0 with MP4 (vmd.exe 5.0.0.382), Veritas Netbackup 5.0 with MP5 (vmd.exe 5.0.0.387), Veritas Netbackup 5.1 without MP (vmd.exe 5.1.0.135), Veritas Netbackup 5.1 with MP1 (vmd.exe 5.1.0.140), Veritas Netbackup 5.1 with MP2 (vmd.exe 5.1.0.146), Veritas Netbackup 5.1 with MP3A (vmd.exe 5.1.0.150).
0ac9d8914a2943178c3bae5978669d615d29fc3c632ed89f22964e6488d7f562Veritas NetBackup v4/v5 "Volume Manager Daemon" remote stack overflow exploit.
6bf7782bcf9b0245b5dabd142ec6d47ca62c1fc2f9680b45ea2ab2ef81f1da93
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed