SecurityTracker.com
Category:   Application (Generic)  >   Veritas NetBackup
Vendors:   Symantec, Veritas
VERITAS NetBackup bpjava-msvc Logon Format String Bug Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1015028
SecurityTracker URL:  http://securitytracker.com/id/1015028
CVE Reference:   CVE-2005-2715
Updated:  Jan 24 2008
Original Entry Date:  Oct 10 2005
Impact:   Execution of arbitrary code via network, Root access via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 4.5, 5.0, 5.1, and 6.0
Description:   A vulnerability was reported in VERITAS NetBackup. A remote user can execute arbitrary code on the target system.

A format string vulnerability exists in the Java authentication service (bpjava-msvc), affecting VERITAS NetBackup servers and clients.

A remote user can send a specially crafted COMMAND_LOGON_TO_MSERVER command to the target service on port 13722 to trigger the flaw and execute arbitrary code.

The code will run with the privileges of the target service, which is normally root or System level privileges.

Both clients and servers are affected.

3Com TippingPoint reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system with the privileges of the bpjava-msvc daemon (typically root or System privileges).
Solution:   The vendor has issued patches.

NetBackup DataCenter and NetBackup BusinesServer 4.5 Feature Pack track: NB_45_9S1443_F

NetBackup DataCenter and NetBackup BusinesServer 4.5 Maintenance Pack track: NB_45_9S1729_M

The above listed patches are available at:

http://support.veritas.com/menu_ddProduct_NETBACKUPDC_view_DOWNLOAD.htm

NetBackup Enterprise Server and NetBackup Server 5.0: NB_50_5S1320_M

NetBackup Enterprise Server and NetBackup Server 5.1: NB_51_3AS0949_M

NetBackup Enterprise Server and NetBackup Server 6.0: NB_60_3S0007_M

The patches for NetBackup Server 5.0, 5.1, and 6.0 are available at:

http://support.veritas.com/menu_ddProduct_NBUESVR_view_DOWNLOAD.htm

The vendor's advisories are available at:

http://seer.support.veritas.com/docs/279085.htm
http://securityresponse.symantec.com/avcenter/security/Content/2005.10.12.html

Vendor URL:  securityresponse.symantec.com/avcenter/security/Content/2005.10.12.html
Cause:   Input validation error, State error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), UNIX (Tru64), Windows (2000), Windows (2003)

Message History:   None.



Copyright 2020, SecurityGlobal.net LLC