Backup Exec and outdated PHP?

jonsmi · ‎02-09-2013

We are running Backup Exec 2012. Recently we implemented Secunia Corporate Inspector (CSI). http://secunia.com/vulnerability_scanning/

The scan result shows PHP 5.2.x, version 5.2.0. Secunia states "End of Life." In addition, Secunia wants to get rid of this version.

Question: Does Backup Exec need PHP? If so, is there a way of updating those files?

The PHP files are located her with a default installation: C:\Program Files\Symantec\Backup Exec\SEPM:

11/02/2006 11:41 PM         1,093,632 libeay32.dll
02/09/2007 07:13 PM           166,912 libmcrypt.dll
02/09/2007 07:13 PM            28,725 php.exe
08/08/2007 10:33 PM               410 php.exe.manifest
02/09/2007 08:13 PM               940 Php.ini
02/09/2007 07:13 PM         4,698,168 php5ts.dll
11/02/2006 11:41 PM           221,242 php_curl.dll
02/09/2007 07:13 PM           41,020 php_mcrypt.dll
11/02/2006 11:41 PM            61,501 php_openssl.dll
09/09/2011 11:16 AM         1,667,488 SAVUtil.Exe
11/02/2006 11:41 PM           200,704 ssleay32.dll

Thanks in advance!

VJware · ‎02-09-2013

PHP is used by Symantec Endpoint Protection (SEP) & I suspect its part of the Backup Exec\SEPM directory which gets created for ThreatCon polling.

Would recommend you to log a formal support case & reference "2866903" citing a known issue.

A_L_Johnson · ‎02-14-2013

Hello,

I wanted you to know that Symantec has seen your post and the issue you have raised, and speaking on behalf of Symantec and the program team, Symantec is currently investigating this issue to determine the validity of these findings. We will provide additional information as soon as we are able.

Please feel free to send me a message if you have additional questions and we will post a response here as soon as the investigation is concluded.

Thanks so much,

Amy Johnson - Symantec

Connect - Backup and Recovery Admin

VOX

Backup Exec and outdated PHP?