Veritas NetBackup Exploit Released

By Ryan Naraine  |  Posted 2006-01-18 Print this article Print

Exploit code for a buffer overflow in Symantec's data backup and recovery product suite is posted online, opening the door for system takeover attacks.

Exploit code for a buffer overflow vulnerability in Symantec Corp.s Veritas NetBackup product has been published online, putting enterprise customers at risk of system takeover attacks.

The security vendor updated a months-old advisory this week to warn of the public release of the exploit and urged NetBackup users to immediately deploy the available patches.

The vulnerability, first discovered by iDefense Inc. last November, affects NetBackup Enterprise Server/Server/Client 5.1 through 5.1.

Symantec has acknowledged that the flaw could potentially allow a remote attacker to cause a denial of service or to execute arbitrary code. Veritas patches flaws in enterprise data backup products. Click here to read more. It was originally discovered in the NetBackup "vmd" daemon but the company said further analysis revealed the problem occurs in a shared library used by "vmd," possibly impacting other daemons using that shared library also.

"The buffer overflow condition is due to improper bounds checking of user input. If a remote attacker were able to gain access to the affected library through one of the daemons and successfully exploit this vulnerability, they could potentially disrupt backup capabilities or possibly execute arbitrary code with elevated privileges on the targeted system," according to the advisory.

Symantec has released cumulative service packs for all affected versions of the product and is strongly recommending that customers deploy the appropriate fixes.

The companys security response unit has also released IPS/IDS signatures to detect and prevent attempts to exploit the flaw, even with the available exploit code.

Veritas NetBackup is a backup and recovery software suite aimed at midsize organizations, workgroups and remote offices.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel