cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Why is the BackupExec 12.5 agent still vulnerable?

pbruland
Level 2

‎04-22-2009 10:45 AM

Our security team did a server scan with a Rapid7 device, and all the servers we have the Symantec BackupExec 12.5 agent installed on, reported that they were vulnerable.

"Running vulnerable NDMP service. Authentication succeeded with <long sting of numbers and letters>."

After doing some quick research on this issue, I found that this was patched in version 10.1. So why the **** is this stil an issue in version 12.5???

All the information about how to fix and patch this issue points to version 10.x, and I cannot find any information about 12.5 or patches for 12.5.

If we can't get this fixed within the next few months before or audit, I'm going to have to pull the clients and find an alternative backup method or application.

Any help would be greatly appreciated.

Thanks

-Petter
5 REPLIES 5

Ben_L_
Level 6
Employee

‎04-22-2009 11:36 AM

Peter,

I will check into this as soon as possible.  To save me a few minutes of digging which patch was this for 10.1?
0 Kudos

pbruland
Level 2

‎05-13-2009 09:07 AM

Here's the link that our vulnerability scanner tells me to visit.

http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html

It's also referencing CVE# CVE-2005-2611 and SECUNIA # 16403.

And it shows "Download and isntall the security fixes mentioned in advisory SYM05-011.

We have a new scan coming up in a short time, and I'm just going to have to tell them that I'm working on this and that it does not seem to have a patch for it currently. I have a system where I can test applying one of these old 10.x patches, but I bet it will fail as the clients are version 12.5.x

Thanks

-Petter

0 Kudos

Ben_L_
Level 6
Employee

‎05-15-2009 06:21 AM

Petter,

I have sent this information off to my escalations group to have them take a look at this and am still waiting on a response.  In the mean time would it be possible to get you to call in and open a case?  Generally for issues like this they need to be reported by opening a case as the forums are peer-to-peer.  Once the case has been opened private message the case number and I'll have it escalated to the proper people. If you don't have a support contract, private message me your contact information, name, number, company, email and I'll see if i can arrang to get a case opened for you.

Thanks
0 Kudos

pbruland
Level 2

‎05-15-2009 09:45 AM

We emailed Secure@symantec.com and reported it there. And I will find out if we have a support contract, so that a case can be opened.

Thanks for following up.

-Petter
0 Kudos

Ben_L_
Level 6
Employee

‎05-26-2009 08:12 AM

Were you able to open a case with support regarding this issue?  If so, can you send me the case number so I can have it escalated?

Thanks
0 Kudos