Executive Summary
Summary | |
---|---|
Title | Symantec Backup Exec contains heap overflow in RPC interface |
Informations | |||
---|---|---|---|
Name | VU#213697 | First vendor Publication | 2007-07-11 |
Vendor | VU-CERT | Last vendor Modification | 2007-07-11 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#213697Symantec Backup Exec contains heap overflow in RPC interfaceOverviewSymantec Backup Exec for Windows Servers contains a vulnerability that may allow a remote attacker to cause a denial of service or potentially execute arbitrary code on an affected system.I. DescriptionSymantec Backup Exec for Windows Servers is a client/server based backup software solution. A heap buffer overflow vulnerability exists in the way one of the Remote Procedure Call (RPC) interfaces provided by this software handles requests using the ncacn_ip_tcp protocol. A remote attacker with the ability to connect to the affected service and supply a specially crafted packet could exploit this vulnerability.II. ImpactA remote unauthenticated attacker may be able to cause the affected service to crash, resulting in a denial of service. Symantec reports that the attacker may also potentially be able to execute arbitrary code on the affected system.III. SolutionApply an update from the vendorSymantec has published Symantec Security Advisory SYM07-015 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
References
iDefense reported this vulnerability in iDefense PUBLIC ADVISORY: 07.11.07. They credit an anonymous researcher with reporting this vulnerability to them. This document was written by Chad R Dougherty based on information supplied by Symantec and iDefense.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/213697 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36111 | Symantec Backup Exec for Windows RPC Crafted ncacn_ip_tcp Request Remote Over... A remote overflow exists in Backup Exec for Windows. The RPC server fails to properly verify boundaries resulting in a heap-based overflow. With a specially crafted request, an attacker can cause a denial of service and a possibility for arbitrary code execution resulting in a loss of availability. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-07-16 | Name : Arbitrary code can be executed on the remote host. File : symantec_backup_exec_rpc_heap_overflows2.nasl - Type : ACT_GATHER_INFO |