I started this thread a while ago and ended up having to come up with a solution on my own since Veritas tech support proved to be pretty much worthless. Yay outsourcing to India. Way to save a couple of bucks there Veritas (or Symantec now maybe?). Since I couldn't sit around and wait for an answer while my boxes were getting hacked, I ended up uninstalling all of the agents that I had deployed, uninstalling and reinstalling the media server, patching my media server in date order on the patches, and then reinstalling all of my agents. This resulted in the correct version of the agent being deployed to all of the servers that I need to back up. If you want to try this method, the directions for uninstalling and reinstalling your media server without losing job history or media information can be found here:
http://seer.support.veritas.com/docs/260054.htm
About half way through this process, another sysadmin on campus from a different IT group came up with a quick and dirty way to force your agents to update, but since I was already past the point of no return on my uninstall-reinstall, it didn't really serve a purpose for me and I didn't have a chance to try it myself. If you'd like to try that method instead, here are the directions:
1. Start > Run , then browse via UNC to the \veritas\agents\RANT32 folder on your Backup Exec media server
2. Right-click on the RAWS.msp file dated 6/3/2005 and select 'Apply'
3. Locate C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe on the remote server
4. Right-click on beremote.exe, select Properties and click on the 'versions' tab (version should now read 9.1.4691.49)
So there it is. All I have to say is get this done as soon as possible. I was lucky enough to have my servers protected by network firewalls, so I didn't see any of my machines get compromised, but I did a test hack on our development server with Metasploit and had shell access in about two seconds, while standing on my head, backwards, with my eyes close, up hills both ways in the snow. It's that easy to hack a box with this vulnerability. Best of luck, and I hope this helps!
Erik