[18664] in bugtraq
Re: Veritas BackupExec (remote DoS)
daemon@ATHENA.MIT.EDU (Jason Griffiths)
Wed Jan 17 12:57:33 2001
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_00BB_01C08013.3BFD16B0"
Message-ID: <00be01c08056$4a35b370$85c00740@sitestream.com>
Date: Tue, 16 Jan 2001 23:22:46 -0800
Reply-To: Jason Griffiths <buqtraq@WIREDWEBSITES.COM>
From: Jason Griffiths <buqtraq@WIREDWEBSITES.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
This is a multi-part message in MIME format.
------=_NextPart_000_00BB_01C08013.3BFD16B0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
RE: Veritas BackupExec (remote DoS)Hi,
I can verify that this problem exists also on the Win9x agents, I =
couldnt figure out why the agents on our network kept crashing every =
sunday, and eventually I figured out that this was about the time that I =
had weekly portscans scheduled.
I spoke with Veritas tech support - but nothing was ever done about it.
Jason Griffiths
----- Original Message -----=20
From: Jonah Kowall=20
To: BUGTRAQ@SECURITYFOCUS.COM=20
Sent: Monday, January 15, 2001 12:57 PM
Subject: Re: Veritas BackupExec (remote DoS)
Doesn't the agent only work on backup exec enterprise editions? =
That's what I'm using it with. If you tell them you are using the =
enterprise edition, maybe you can get a different response? Tell them =
you are evaluating it if need be.
I have connected to it, and disconnected, and I didn't see it stop =
responding. I have also opened 3 separate connections, and found it =
took all three simultaneously.
Backup Exec -- Unix Agent, Version 5.01 Revision 5.023=20
Copyright 1999 VERITAS Software Corporation. All Rights Reserved.=20
This is the version of the Linux agent I am running on redhat 6.2.=20
-----Original Message-----=20
From: oh3mqu+bugtraq@TERAFLOPS.COM =
[mailto:oh3mqu+bugtraq@TERAFLOPS.COM]=20
Sent: Monday, January 15, 2001 8:25 AM=20
To: BUGTRAQ@SECURITYFOCUS.COM=20
Subject: Veritas BackupExec (remote DoS)=20
Hello,=20
I am using Backup system from Veritas Software =
(http://www.veritas.com/)=20
and its Linux agent. That agent is listening TCP-socket (8192 in my=20
system) and if someone makes connection to that socket, but do not =
send=20
anything to it, the agent hangs forever, even if you close that=20
connection. For example portscanners make it to hang.=20
I think that the problem is that the software is not using select()=20
function calls before read() calls and it is not using threads either. =
I reported that to the Veritas and they replied "Unfortunately our =
Backup=20
Exec Desktop Products do not support backing up Linux machines. I'm=20
afraid we would be unable to assist you in this instance, however=20
thank you for your interest."=20
--=20
Ari Saastamoinen=20
oh3mqu+bugtraq@teraflops.com=20
------=_NextPart_000_00BB_01C08013.3BFD16B0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>RE: Veritas BackupExec (remote DoS)</TITLE>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4611.1300" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I can verify that this problem exists =
also on the=20
Win9x agents, I couldnt figure out why the agents on our network kept =
crashing=20
every sunday, and eventually I figured out that this was about the time =
that I=20
had weekly portscans scheduled.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I spoke with Veritas tech support - but =
nothing was=20
ever done about it.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Jason Griffiths</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Djkowall@PSTEERING.COM =
href=3D"mailto:jkowall@PSTEERING.COM">Jonah=20
Kowall</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3DBUGTRAQ@SECURITYFOCUS.COM=20
=
href=3D"mailto:BUGTRAQ@SECURITYFOCUS.COM">BUGTRAQ@SECURITYFOCUS.COM</A> =
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Monday, January 15, 2001 =
12:57=20
PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Re: Veritas BackupExec =
(remote=20
DoS)</DIV>
<DIV><BR></DIV>
<P><FONT size=3D2>Doesn't the agent only work on backup exec =
enterprise=20
editions? That's what I'm using it with. If you tell them =
you are=20
using the enterprise edition, maybe you can get a different =
response? =20
Tell them you are evaluating it if need be.</FONT></P>
<P><FONT size=3D2>I have connected to it, and disconnected, and I =
didn't see it=20
stop responding. I have also opened 3 separate connections, and =
found it=20
took all three simultaneously.</FONT></P>
<P><FONT size=3D2>Backup Exec -- Unix Agent, Version 5.01 Revision =
5.023</FONT>=20
<BR><FONT size=3D2>Copyright 1999 VERITAS Software Corporation. =
All Rights=20
Reserved.</FONT> </P>
<P><FONT size=3D2>This is the version of the Linux agent I am running =
on redhat=20
6.2.</FONT> </P><BR>
<P><FONT size=3D2>-----Original Message-----</FONT> <BR><FONT =
size=3D2>From:=20
oh3mqu+bugtraq@TERAFLOPS.COM [<A=20
=
href=3D"mailto:oh3mqu+bugtraq@TERAFLOPS.COM">mailto:oh3mqu+bugtraq@TERAFL=
OPS.COM</A>]</FONT>=20
<BR><FONT size=3D2>Sent: Monday, January 15, 2001 8:25 AM</FONT> =
<BR><FONT=20
size=3D2>To: BUGTRAQ@SECURITYFOCUS.COM</FONT> <BR><FONT =
size=3D2>Subject: Veritas=20
BackupExec (remote DoS)</FONT> </P><BR>
<P><FONT size=3D2>Hello,</FONT> </P>
<P><FONT size=3D2>I am using Backup system from Veritas Software (<A=20
target=3D_blank=20
href=3D"http://www.veritas.com/">http://www.veritas.com/</A>)</FONT> =
<BR><FONT=20
size=3D2>and its Linux agent. That agent is listening TCP-socket =
(8192 in=20
my</FONT> <BR><FONT size=3D2>system) and if someone makes connection =
to that=20
socket, but do not send</FONT> <BR><FONT size=3D2>anything to it, the =
agent=20
hangs forever, even if you close that</FONT> <BR><FONT=20
size=3D2>connection. For example portscanners make it to =
hang.</FONT> </P>
<P><FONT size=3D2>I think that the problem is that the software is not =
using=20
select()</FONT> <BR><FONT size=3D2>function calls before read() calls =
and it is=20
not using threads either.</FONT> </P>
<P><FONT size=3D2>I reported that to the Veritas and they replied =
"Unfortunately=20
our Backup</FONT> <BR><FONT size=3D2>Exec Desktop Products do not =
support=20
backing up Linux machines. I'm</FONT> <BR><FONT size=3D2>afraid =
we would=20
be unable to assist you in this instance, however</FONT> <BR><FONT=20
size=3D2>thank you for your interest."</FONT> </P>
<P><FONT size=3D2>--</FONT> <BR><FONT size=3D2>Ari Saastamoinen</FONT> =
<BR><FONT=20
size=3D2>oh3mqu+bugtraq@teraflops.com</FONT> =
</P></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_00BB_01C08013.3BFD16B0--
