Symantec fixes Backup Exec flaw

Bill Brenner, Senior News Writer
Users of Symantec Backup Exec for NetWare Servers 9.1 and 9.2 are urged to upgrade to new versions that fix security flaws attackers could exploit to cause a denial of service, launch malicious code and gain access to vulnerable machines.

Symantec Corp., the Cupertino, Calif.-based antivirus giant, warned users of the flaw via its DeepSight Threat Management Service Friday morning. Backup Exec is a network-enabled backup product Symantec acquired when it purchased storage company Veritas Software Corp. in late 2004.

The vendor said Backup Exec for NetWare Servers with remote agent for Windows servers is prone to multiple heap-overflow vulnerabilities that arise because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers.

"Specifically, these issues affect the RPC interfaces of the application and arise when specially crafted calls are processed," Symantec said. "A remote attacker may exploit these vulnerabilities to execute arbitrary code and gain system privileges on a vulnerable computer. Failed attack attempts may result in denial-of-service conditions as well."
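The missing boundary check described above, as an added illustration that is not code from Backup Exec or Symantec: a hypothetical RPC call handler that copies a length-prefixed payload into a fixed-size heap buffer, first in the unchecked form and then with the checks that reject an oversized call. The wire format, function names and buffer size are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed wire format (constructed for this example, not Backup Exec's real
 * RPC encoding): a 2-byte big-endian payload length followed by the payload. */
#define HDR_LEN      2
#define BUF_CAPACITY 64   /* size of the heap buffer the handler copies into */

static size_t declared_len(const uint8_t *msg) {
    return ((size_t)msg[0] << 8) | msg[1];
}

/* Vulnerable pattern: the caller-controlled length field is used directly as
 * the copy size, so a value above BUF_CAPACITY writes past the end of the
 * heap allocation. Shown only to make the missing check visible. */
size_t copy_payload_unchecked(const uint8_t *msg, uint8_t *buf) {
    size_t len = declared_len(msg);
    memcpy(buf, msg + HDR_LEN, len);          /* no boundary check */
    return len;
}

/* Hardened pattern: reject the call unless the declared length fits both the
 * bytes actually received and the destination buffer. Returns the number of
 * bytes copied, or -1 when the message is rejected. */
int copy_payload_checked(const uint8_t *msg, size_t msg_len, uint8_t *buf) {
    if (msg == NULL || buf == NULL || msg_len < HDR_LEN)
        return -1;                            /* truncated header */
    size_t len = declared_len(msg);
    if (len > msg_len - HDR_LEN)
        return -1;                            /* claims more than was received */
    if (len > BUF_CAPACITY)
        return -1;                            /* would overrun the heap buffer */
    memcpy(buf, msg + HDR_LEN, len);
    return (int)len;
}

int main(void) {
    /* Constructed call that declares a 65535-byte payload but carries 4 bytes. */
    uint8_t call[HDR_LEN + 4] = { 0xFF, 0xFF, 'd', 'a', 't', 'a' };
    uint8_t *buf = malloc(BUF_CAPACITY);
    if (buf == NULL) return 1;
    int n = copy_payload_checked(call, sizeof call, buf);
    printf("checked handler: %s\n", n < 0 ? "rejected" : "accepted");
    free(buf);
    return 0;
}
```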

Backup Exec 9.1 and 9.2 for NetWare Servers remote agent for Windows servers are vulnerable to these issues, Symantec said, adding, "Reports indicate that these or similar issues also affect Backup Exec for Windows servers, Backup Exec Continuous Protection Server (CPS) remote agent, and other Backup Exec remote agents."

To carry out an attack, Symantec said digital miscreants must identify a vulnerable computer running the affected application, then craft an exploit that sends malicious calls over RPC to the application to trigger one of the vulnerabilities. The exploit would contain excessive data, arbitrary machine code and replacement memory addresses.

"If successful, the attacker-supplied code will be executed, resulting in granting unauthorized access to the remote attacker," Symantec said. "This may result in a full compromise."

Symantec did point out that it's not aware of any exploits at this time.

Backup Exec 9.1.1158.9 for NetWare Servers with RAWS 4691.42 Hotfix 58 and Backup Exec 9.2.1401.3 for NetWare Servers with RAWS 5629.3 Hotfix 34 have been released to address the flaw, Symantec said.