cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Exec Remote Agent for Windows contains a buffer overflow Security Alert

Josh_Green
Level 3

‎06-29-2005 12:47 PM

http://seer.support.veritas.com/docs/276604.htm

national Cyber Alert System

Technical Cyber Security Alert TA05-180A archive
VERITAS Backup Exec Software is actively being exploited

Original release date: June 29, 2005
Last revised: --
Source: US-CERT

Systems Affected

VERITAS Backup Exec Remote Agent

Overview

The VERITAS Backup Exec Remote Agent for Windows contains a buffer overflow that may allow an unauthenticated, remote attacker to compromise a system and execute arbitrary code with administrative privileges.

---------------------------------------------------------------
Hello,

I don't understand how this security alert applies to 99.9% of the BE install base. I would assume all BE servers are behind a firewall that do not have port 10,000 open to the public.

Can you share more info how this relates to BE admin's and if we really need to apply the patch?

Thanks.

-Josh
0 Kudos
4 REPLIES 4

David_Hughes_2
Not applicable

‎06-29-2005 08:47 PM

Also, when running the patch for this alert it fails on Win2003Srv Enterprise. When unpacking the updater for v10 latest build with patch the unpacking process results in 282 errors. Is the patch being reposted to correct these issues..?

-David
0 Kudos

Renuka_-
Level 6
Employee

‎06-30-2005 03:27 AM

HelloJosh,

This vulneribilty might occur due to buffer overflows, the detection would be rather complicated. Hence you may apply the hotfix if you feel you might be prone.

David,

In your case you could just upgrade the build to 5520 in order to protect the system from this vulneribilty. This build has been patched already.

NOTE : If we do not receive your reply within two business days, this post would be marked assumed answeredand would be moved toanswered questions pool.
0 Kudos

Josh_Green
Level 3

‎06-30-2005 06:29 AM

Thanks.
0 Kudos

Michael_Armstro
Level 3

‎07-29-2005 03:10 AM

We know the server was compromised by this vulnerability. After applying the patch or upgrading to the new build, how can we determine or be assured that the server is safe to put back in service without totally rebuilding it?
0 Kudos