Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:VERITAS:CLIENT-AUTH-OF

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Veritas Backup Agent Client Authentication Overflow

Release Date

 2005/06/28

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

APP: Veritas Backup Agent Client Authentication Overflow


This signature detects attempts to exploit a known vulnerability in Veritas Backup Agent software. Attackers can send an overly long client authentication string to a backup server in an attempt to overflow a buffer and gain control of the server as System.

Extended Description

Veritas Backup Exec Remote Agent for Windows Servers is prone to a remotely exploitable buffer-overflow vulnerability. This issue occurs when handling authentication requests. Successful exploits could allow attackers to execute arbitrary code.

Affected Products

  • Veritas Software Backup Exec for NetWare Servers 9.0.4019
  • Veritas Software Backup Exec for NetWare Servers 9.0.4170
  • Veritas Software Backup Exec for NetWare Servers 9.0.4172
  • Veritas Software Backup Exec for NetWare Servers 9.0.4174
  • Veritas Software Backup Exec for NetWare Servers 9.0.4202
  • Veritas Software Backup Exec for NetWare Servers 9.1.1067 .2
  • Veritas Software Backup Exec for NetWare Servers 9.1.1067 .3
  • Veritas Software Backup Exec for NetWare Servers 9.1.1127 .1
  • Veritas Software Backup Exec for NetWare Servers 9.1.1151 .1
  • Veritas Software Backup Exec for NetWare Servers 9.1.1152
  • Veritas Software Backup Exec for NetWare Servers 9.1.1152 .4
  • Veritas Software Backup Exec for NetWare Servers 9.1.1154
  • Veritas Software Backup Exec for NetWare Servers 9.1.306
  • Veritas Software Backup Exec for NetWare Servers 9.1.307
  • Veritas Software Backup Exec for Windows Servers 10.0.0 rev. 5484
  • Veritas Software Backup Exec for Windows Servers 10.0.0 rev. 5484 SP1
  • Veritas Software Backup Exec for Windows Servers 9.0.0 rev. 4367
  • Veritas Software Backup Exec for Windows Servers 9.0.0 rev. 4367 SP1
  • Veritas Software Backup Exec for Windows Servers 9.0.0 rev. 4454
  • Veritas Software Backup Exec for Windows Servers 9.0.0 rev. 4454 SP1
  • Veritas Software Backup Exec for Windows Servers 9.1.0 rev. 4691
  • Veritas Software Backup Exec for Windows Servers 9.1.0 rev. 4691 SP2

References

  • BugTraq: 14022
  • CVE: CVE-2005-0773

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out