Tuesday, July 05, 2005

Exploit Circulates for Veritas Backup Exec Software

Exploit Circulates for Veritas Backup Exec Software - Yahoo! News
Veritas Backup Exec is used primarily for network-based backups. When active, the software "listens" for remote indications from around the network to determine when a backup should begin.
But according to CERT, the Veritas software contains a buffer-overflow vulnerability that will allow an unauthenticated, remote attacker who has found the software to compromise a system, then execute applications using administrative privileges.

Wow, first time I've seen backup software exploited. Anyway, here is a quick way to impress the boss or make your backup admin look bad if he's irritated you. Of course a properly configured firewall would stop this exploit but it never hurts to be safe.


Post a Comment

<< Home