Note: Product versions prior to those listed above are NOT supported. Customers running legacy product versions should upgrade and apply available updates.
Remote Access (adjacent network)
During the normal process of an administrative login, the Symantec Veritas NetBackup server communicates with the client via the Veritas network daemon, vnetd. This communication process does not properly sanitize server-supplied data during initial communications setup. This could allow a non-privileged user with access to the targeted host's local network, to insert arbitrary code of their choice on the system which could then potentially execute on the system with administrative privileges. Exploitation could possibly result in memory corruption and denial of service or, if successfully exploited, could potentially allow a malicious user to gain administrative privileges on the targeted computer.
Symantec engineers have verified that the vulnerability exists in the supported versions of Symantec Veritas NetBackup listed in the table above. Updates have been released to resolve the issue.
Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue.
The updates and additional information concerning affected products are available from:
Symantec Security Response has released an IPS/IDS signature, Signature ID 23283, to detect and block attempts to exploit this issue. Signature is available through normal update channels.
As part of normal best practices, Symantec strongly recommends:
Restrict access to administration or management systems to privileged users.
Restrict remote access, if it is required, to trusted/authorized systems only.
Run under the principle of least privilege where possible to limit the impact of potential exploits.
Keep all operating systems and applications updated with the latest vendor patches.
Follow a multi-layered approach to security. Run both firewall and antivirus applications, at a minimum, to provide multiple points of detection and protection to both inbound and outbound threats.
Deploy network intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in detection of attacks or malicious activity related to exploitation of latent vulnerabilities
Symantec would like to thank the National Australia Bank's Security Assurance team for identifying this issue and working closely with us during resolution
This issue is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. A CVE Candidate name has been requested from the Common Vulnerabilities and Exposures (CVE) initiative for this issue. This advisory will be revised accordingly upon receipt of the CVE Candidate name.
This is machine translated content
Login to Subscribe
Please login to set up your
Would you like to be subscribed to future notifications for this article?
For security reasons, your link to this document has expired. Please click on the attachment link to access this file.
The attachment that you are looking for no longer exists.
There has been an issue retrieving your attachment. Please try again.
Currently server is down.
Didn't find the article you were looking for? Try these resources.