Symantec fixes Backup Exec flaw

By Bill Brenner, Senior News Writer
11 Aug 2006 | SearchSecurity.com

Security Wire Daily News

Users of Symantec Backup Exec for NetWare Servers 9.1 and 9.2 are urged to upgrade to new versions that fix security flaws attackers could exploit to cause a denial of service, launch malicious code and gain access to vulnerable machines.

Symantec Corp., the Cupertino, Calif.-based antivirus giant, warned users of the flaw via its DeepSight Threat Management Service Friday morning. Backup Exec is a network-enabled backup product Symantec acquired when it purchased storage company Veritas Software Corp. in late 2004.

The vendor said Backup Exec for NetWare Servers with remote agent for Windows servers is prone to multiple heap-overflow vulnerabilities that arise because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers.

"Specifically, these issues affect the RPC interfaces of the application and arise when specially crafted calls are processed," Symantec said. "A remote attacker may exploit these vulnerabilities to execute arbitrary code and gain system privileges on a vulnerable computer. Failed attack attempts may result in denial-of-service conditions as well."
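The bug class Symantec describes is a length-prefixed message whose declared size is trusted before the copy. The following is an added illustration, not Backup Exec code and not its real wire format: a constructed RPC-style request parser in C in which each check marked below is exactly the kind of boundary check the advisory says was missing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed message layout (assumption, not Backup Exec's protocol):
 *   opcode (2 bytes, big endian) | length (2 bytes, big endian) | payload (length bytes)
 */
#define PAYLOAD_MAX 64

enum parse_status { PARSE_OK = 0, PARSE_TRUNCATED = 1, PARSE_TOO_LONG = 2 };

struct request {
    uint16_t opcode;
    uint16_t length;               /* declared payload length, client controlled */
    uint8_t  payload[PAYLOAD_MAX]; /* fixed-size buffer inside a heap allocation */
};

/* Validate the client-supplied length against both the bytes actually
 * received and the destination buffer before any copy takes place.
 * Dropping the PAYLOAD_MAX check is the heap-overflow pattern the
 * advisory describes: memcpy would then write past the allocation. */
enum parse_status parse_request(const uint8_t *msg, size_t msg_len, struct request *out)
{
    if (msg_len < 4)
        return PARSE_TRUNCATED;                 /* header itself incomplete */

    uint16_t opcode = (uint16_t)((msg[0] << 8) | msg[1]);
    uint16_t length = (uint16_t)((msg[2] << 8) | msg[3]);

    if (length > PAYLOAD_MAX)                   /* the boundary check that was missing */
        return PARSE_TOO_LONG;
    if ((size_t)length > msg_len - 4)           /* declared more than was sent */
        return PARSE_TRUNCATED;

    out->opcode = opcode;
    out->length = length;
    memcpy(out->payload, msg + 4, length);      /* safe: length <= PAYLOAD_MAX */
    return PARSE_OK;
}

int main(void)
{
    struct request *req = calloc(1, sizeof *req);
    const uint8_t good[] = { 0x00, 0x01, 0x00, 0x03, 'a', 'b', 'c' };
    /* constructed: declares 0x1000 payload bytes, far beyond PAYLOAD_MAX */
    const uint8_t oversized[] = { 0x00, 0x01, 0x10, 0x00, 'x', 'y' };
    int ok = parse_request(good, sizeof good, req) == PARSE_OK &&
             parse_request(oversized, sizeof oversized, req) == PARSE_TOO_LONG;
    free(req);
    return ok ? 0 : 1;
}
```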

Backup Exec 9.1 and 9.2 for NetWare Servers remote agent for Windows servers are vulnerable to these issues, Symantec said, adding, "Reports indicate that these or similar issues also affect Backup Exec for Windows servers, Backup Exec Continuous Protection Server (CPS) remote agent, and other Backup Exec remote agents."

To carry out an attack, Symantec said digital miscreants must identify a vulnerable computer running the affected application, then craft an exploit that sends malicious calls over RPC to the application to trigger one of the vulnerabilities. The exploit would contain excessive data, arbitrary machine code and replacement memory addresses.

"If successful, the attacker-supplied code will be executed, resulting in granting unauthorized access to the remote attacker," Symantec said. "This may result in a full compromise."

Symantec did point out that it's not aware of any exploits at this time.

Backup Exec 9.1.1158.9 for NetWare Servers with RAWS 4691.42 Hotfix 58 and Backup Exec 9.2.1401.3 for NetWare Servers with RAWS 5629.3 Hotfix 34 have been released to address the flaw, Symantec said.
