[278] in Security FYI
[Security-fyi] Security Advisory for VERITAS Backup Exec
daemon@ATHENA.MIT.EDU (Chris Logan, IT Security Support)
Fri Jun 24 11:48:07 2005
Message-Id: <6.2.1.2.2.20050624114331.03a2a2d0@hesiod>
Date: Fri, 24 Jun 2005 11:45:01 -0400
To: security-fyi@MIT.EDU
From: "Chris Logan, IT Security Support" <security@MIT.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Errors-To: security-fyi-bounces@MIT.EDU
To: All Users of VERITAS Backup Exec
Re: VERITAS Backup Exec Remote Agent for Windows Servers (RAWS) Buffer Overflow Vulnerability
On June 22, 2005 VERITAS released a High Risk Software Security Advisory which affects the following versions of the Backup Exec software:
- Backup Exec for NetWare 9.0, 9.1
- Backup Exec for Windows Servers 10.0, 10.0 5484, 9.0, 9.0 4367, 9.0 4454, 9.1, 9.1 4691
Overview
Exploitation of buffer overflow vulnerabilities in the VERITAS Backup Exec Remote Agent for Windows Servers (RAWS) may allow a remote attacker to gain privileged access and execute arbitrary code on the targeted system.
VERITAS has released a patch which addresses this problem located here:
<http://seer.support.veritas.com/docs/276604.htm>http://seer.support.veritas.com/docs/276604.htm
Please see the URL listed below for a list of the affected operating systems and further technical details:
<http://seer.support.veritas.com/docs/276604.htm>http://seer.support.veritas.com/docs/276604.htm
If you have questions about this advisory, contact security@mit.edu.
------------------------------------------------------------------------------
Christopher M Logan
Network Security Analyst
Information Services and Technology (IS&T)
Massachusetts Institute of Technology
Building N42 - 040i
Cambridge, MA 02139
617-324-3369
logancm@mit.edu security@mit.edu stopit@mit.edu
------------------------------------------------------------------------------
_______________________________________________
Security-fyi mailing list
Security-fyi@mit.edu
http://mailman.mit.edu/mailman/listinfo/security-fyi
