Symantec was notified of a directory traversal vulnerability in the Symantec NetBackup Appliance 2.0.x Management Console web interface. Successful exploitation could potentially allow an authorized but unprivileged network user to read privileged files, including system files, which could then be leveraged to gain further unauthorized access to the network.
In a normal installation the Symantec NetBackup appliance management interface should not be externally accessible from the network environment. This restriction reduces exposure to the issue from external sources. However, an authorized but unprivileged network user or an external attacker able to successfully leverage network access could attempt to exploit the issue.
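The bug class described above, shown as an added illustration that is not Symantec's code and does not reflect the NetBackup appliance implementation: a minimal file-serving path resolver in Python, first in the vulnerable pattern (user input joined onto the web root with no containment check) and then hardened. The web root, file names and request strings are constructed for the example; they are not taken from the advisory.

```python
import posixpath
from urllib.parse import unquote

# Constructed web root for the example (hypothetical; the real product's
# layout is not known and not modelled here).
BASE_DIR = "/opt/console/www"


def vulnerable_resolve(base_dir, requested):
    """The flawed pattern: join the request path onto the web root and
    normalise it, but never check that the result is still inside the
    root. A request containing '../' walks out of base_dir."""
    return posixpath.normpath(posixpath.join(base_dir, requested))


def safe_resolve(base_dir, requested):
    """Hardened resolver. Returns the absolute path to serve, or None if
    the request must be rejected.

    Steps:
      1. URL-decode repeatedly (bounded) so %2e%2e and %252e%252e are
         seen as '..' before any path logic runs.
      2. Reject NUL bytes and absolute paths.
      3. Treat backslashes as separators so '..\\' is not smuggled past
         a check that only looks for '../'.
      4. Normalise and verify the result is the root itself or lies
         strictly under root + '/', so a sibling directory that merely
         shares the root as a string prefix (e.g. /opt/console/www2)
         is not accepted."""
    decoded = requested
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    if "\x00" in decoded:
        return None
    decoded = decoded.replace("\\", "/")
    if posixpath.isabs(decoded):
        return None
    root = posixpath.normpath(base_dir)
    candidate = posixpath.normpath(posixpath.join(root, decoded))
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


def is_traversal_attempt(requested, base_dir=BASE_DIR):
    """Convenience check usable on request logs: True when the request
    would be rejected by the hardened resolver."""
    return safe_resolve(base_dir, requested) is None


if __name__ == "__main__":
    # Constructed request strings: one benign, several traversal variants.
    samples = [
        "css/style.css",
        "../../../etc/passwd",
        "%2e%2e/%2e%2e/%2e%2e/etc/passwd",
        "%252e%252e/%252e%252e/%252e%252e/etc/passwd",
        "..\\..\\..\\etc\\passwd",
        "../www2/secret.conf",
    ]
    for s in samples:
        print(f"{s!r:50} vulnerable -> {vulnerable_resolve(BASE_DIR, s)}")
        print(f"{'':50} hardened   -> {safe_resolve(BASE_DIR, s)}")
```

The vulnerable resolver happily maps the traversal requests to /etc/passwd, while the hardened one returns None for every variant, including double-encoded and backslash forms, and still serves legitimate paths such as css/style.css. The `is_traversal_attempt` helper can be run over extracted request paths from web server logs to flag attempts against a management interface that is supposed to be reachable only from privileged hosts.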
Symantec Response
Symantec engineers had previously identified this issue during internal reviews. It has been addressed in Symantec NetBackup appliance 2.5.x. Symantec strongly recommends that customers migrate from NetBackup appliance 2.0.x to NetBackup appliance 2.5.x or later.
Updates are available through normal customer support locations.
Best Practices
As part of best practices, Symantec strongly recommends:
Restrict access to administration or management systems to privileged users.
Restrict remote access, if required, to trusted/authorized systems only.
Run under the principle of least privilege where possible to limit the impact of threats.
Keep all operating systems and applications updated with the latest vendor patches.
Follow a multi-layered approach to security. Run both firewall and anti-malware applications, at a minimum, to provide multiple points of detection and protection to both inbound and outbound threats.
Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in detection of attacks or malicious activity related to exploitation of latent vulnerabilities.
Symantec credits Joe Durbin with Pen Test Partners, for reporting this issue and coordinating with us.
BID: Security Focus, http://www.securityfocus.com, has assigned a Bugtraq ID (BID) to this issue for inclusion in the Security Focus vulnerability database.
CVE: This issue is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.