Exploit Loose For Veritas NetBackup Bug

Symantec on Tuesday warned users of Veritas NetBackup that a new exploit of a months-old bug is on the prowl, and recommended that administrators patch promptly.

January 17, 2006

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Symantec on Tuesday warned users of Veritas NetBackup that a new exploit of a months-old bug is on the prowl, and recommended that administrators patch promptly.

The flaw in NetBackup harks back to early November 2005, when Symantec acknowledged a vulnerability in its Veritas software that could let attackers gain complete control of a system.

"The vulnerability can be exploited before authentication takes place, and as such, is available to any attacker who can connect to the vulnerable daemon," read the original Symantec alert.

A specially crafted packet sent to the NetBackup Volume Manager could conceivably compromise not only the system, but also the data backed up by the software, noted SANS' Internet Storm Center (ISC) late Monday.

"The downside of this exploit is that, in one pass, an attacker would have the ability to create a disaster, and then destroy a company's ability to recover from said disaster," wrote ISC "handler" Tony Carothers on the center's blog.Dubbed "netbackup-exploit.c," the attack comes over TCP port 13701. Its author claims to have successfully tested the exploit against NetBackup 4.5, 5.0, and 5.1.

"Apply the patches to all vulnerable machines as soon as possible," recommended Symantec. The patches can be found on the Veritas support site.

Veritas products have been hit hard by vulnerabilities in the last 9 months, with seven bugs disclosed in June 2005, and another in August.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights