Monday, January 16, 2006

Veritas Exploit in the wild

SANS reports ther is a new Veritas Exploit on the web.
FrSIRT has notified the ISC that a new exploit has been released utilizing the Stack Overflow vulnerability in Veritas Netbackup Enterprise Server. As a reminder, a specifically crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing. Authentication by the attacker is not needed to take advantage of this vulnerability. The vulnerability that this exploit takes advantage of is ~60 days old.


Post a Comment

<< Home