Category:  Application (Generic)  >  Veritas NetBackup
Vendors:  Symantec, Veritas
VERITAS NetBackup bpjava-msvc Logon Format String Bug Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1015028
SecurityTracker URL:  http://securitytracker.com/id?1015028
CVE Reference:  CVE-2005-2715
Updated:  Jan 24 2008
Original Entry Date:  Oct 10 2005
Impact:  Execution of arbitrary code via network, Root access via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 4.5, 5.0, 5.1, and 6.0
Description:  A vulnerability was reported in VERITAS NetBackup. A remote user can execute arbitrary code on the target system.

A format string vulnerability exists in the Java authentication service (bpjava-msvc), affecting VERITAS NetBackup servers and clients.

A remote user can send a specially crafted COMMAND_LOGON_TO_MSERVER command to the target service on port 13722 to trigger the flaw and execute arbitrary code.

The code will run with the privileges of the target service, which is normally root or System level privileges.

Both clients and servers are affected.

3Com TippingPoint reported this vulnerability.

Impact:  A remote user can execute arbitrary code on the target system with the privileges of the bpjava-msvc daemon (typically root or System privileges).
Solution:  The vendor has issued patches.

NetBackup DataCenter and NetBackup BusinesServer 4.5 Feature Pack track: NB_45_9S1443_F

NetBackup DataCenter and NetBackup BusinesServer 4.5 Maintenance Pack track: NB_45_9S1729_M

The above listed patches are available at:

http://support.veritas.com/menu_ddProduct_NETBACKUPDC_view_DOWNLOAD.htm

NetBackup Enterprise Server and NetBackup Server 5.0: NB_50_5S1320_M

NetBackup Enterprise Server and NetBackup Server 5.1: NB_51_3AS0949_M

NetBackup Enterprise Server and NetBackup Server 6.0: NB_60_3S0007_M

The patches for NetBackup Server 5.0, 5.1, and 6.0 are available at:

http://support.veritas.com/menu_ddProduct_NBUESVR_view_DOWNLOAD.htm

The vendor's advisories are available at:

http://seer.support.veritas.com/docs/279085.htm
http://securityresponse.symantec.com/avcenter/security/Content/2005.10.12.html

Vendor URL:  securityresponse.symantec.com/avcenter/security/Content/2005.10.12.html
Cause:  Input validation error, State error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (2000), Windows (2003)

Message History:   None.

Copyright 2007, SecurityGlobal.net LLC