cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Backup Exec SP3 still has a vulnerability

Justin_Guidroz
Level 3

‎08-26-2005 07:19 AM

Hello:

To test things, I installed Backup Exec 9.1 on a test server. After the installation, I rebooted the machine. I then ran Vertias Update which told me I had two updates that weren't installed: SP3 and Hotfix 54. I downloaded and installed SP3. I rebooted the machine and then checked for vulnerabilities that were supposed to be fixed by SP3, specifically the BackupExec Remote Registry Access Vulnerability and the BackupExec Remote Agent Security Vulnerability. The machine was still VULNERABLE to both vulnerabilities (second one expected since Hotfix 54 hadn't been applied). I then preceded to install Hotfix 54 and rebooted the machine. I then tested for vulnerabilities again. The machine was no longer vulnerable to the Remote Agent Security Vulnerability (which is expected since I installed Hotfix 54), but it was still vulnerable to the Remote Registry Access Vulnerability (which is expected since Hotfix 54 does not fix this).

I have compared all the files that were updated according to this link http://seer.support.veritas.com/docs/278302.htm and the only files that were different were the ones updated by Hotfix 54. And those files matched with what was updated by Hotfix 54.

What is the resolution for this issue?
0 Kudos
1 REPLY 1

Shilpa_pawar_2
Level 6

‎08-29-2005 01:26 AM

Hi,

This alert message that you are getting may not be related to Backup Exec. What is the exact description of the vulnerability that you see during scan?

We would like to know whether you are facing any problems or errors while backing up or restoring data using VERITAS Backup Exec v9.1.

Also ensure that you reinstall remote agent after updating the machine with latest patches!


Additional Information :
For information on the recent VERITAS Backup Exec security vulnerabilities, including links to the downloads for the necessary hotfixes, please refer to the following document:
Patch summary for Security Advisories VX05-001, VX05-002, VX05-003, VX05-005, VX05-006, VX05-007

http://seer.support.veritas.com/docs/277429.htm




NOTE : If we do not receive your reply within two business days, this post would be marked "assumed answered" and would be moved to "answered questions" pool.
0 Kudos