Backup Exec Multiple Vulnerabilities

Posted on November 20th, 2008 by Ryan Spanier

GSA Reference Number: AD081120-01

Simply Put: Symantec Backup Exec versions 11.x and 12.x are vulnerable to a denial of service attack and an authentication bypass attack. Exploited together, these vulnerabilities can lead to remote code execution. Both issues affect the Backup Exec Remote Agent.

Attack Details: The Remote Agent is vulnerable to authentication bypass because of multiple errors in its authentication protocol, according to Secunia. If exploited, an attacker can read or delete arbitrary files on the system. Backup Exec is also vulnerable to a buffer overflow that can be triggered by authenticated traffic. Since an attacker can exploit the Remote Agent to appear authenticated, the two vulnerabilities combined can lead to unauthenticated remote code execution. To exploit these vulnerabilities, an attacker must be on a network segment with access to the Remote Agent; this traffic is normally not allowed through a gateway firewall.

Countermeasures: The vendor has released a patch for these vulnerabilities. Gladiator recommends that all users upgrade their Backup Exec software. Note: since these vulnerabilities affect the Remote Agent, administrators must also push out agent updates after upgrading Backup Exec.
