Test Kennung:	1.3.6.1.4.1.25623.1.0.802985
Kategorie:	Buffer overflow
Titel:	VERITAS Backup Exec Remote Agent Windows Servers BOF Vulnerability
Zusammenfassung:	VERITAS Backup Exec Remote Agent for Windows Servers is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: VERITAS Backup Exec Remote Agent for Windows Servers is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to insufficient input validation on CONNECT_CLIENT_AUTH requests. CONNECT_CLIENT_AUTH requests sent with an authentication method type '3' indicating Windows user credentials, and an overly long password argument can overflow the buffer and lead to arbitrary code execution. Vulnerability Impact: Successful exploitation will allow attackers to overflow a buffer and execute arbitrary code on the system. Affected Software/OS: Veritas Backup Exec Remote Agent versions 9.0 through 10.0 for Windows Servers Solution: Upgrade to Veritas Backup Exec Remote Agent 10.0 rev. 5520 for Windows Servers CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0773 AUSCERT Advisory: AL-2005.013 BugTraq ID: 14022 http://www.securityfocus.com/bid/14022 Cert/CC Advisory: TA05-180A http://www.us-cert.gov/cas/techalerts/TA05-180A.html CERT/CC vulnerability note: VU#492105 http://www.kb.cert.org/vuls/id/492105 http://www.idefense.com/application/poi/display?id=272&type=vulnerabilities&flashstatus=true http://www.osvdb.org/17624 http://securitytracker.com/id?1014273 http://secunia.com/advisories/15789
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.