Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | volume_manager | 3.0.2 |
| symantec_veritas | volume_manager | 3.0.3 |
| symantec_veritas | volume_manager | 3.0.4 |
Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup | 4.5 |
VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | cluster_server | 1.3.0 |
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | * |
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | mysql | 3.23.29 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp1 |
| oracle | mysql | 3.23.38 |
| oracle | mysql | 3.23.51 |
| oracle | mysql | 3.23.41 |
| oracle | mysql | 3.23.46 |
| oracle | mysql | 3.23.49 |
| oracle | mysql | 4.0.2 |
| oracle | mysql | 3.23.44 |
| oracle | mysql | 3.22.28 |
| oracle | mysql | 3.23.8 |
| oracle | mysql | 3.23.43 |
| oracle | mysql | 3.23.28 |
| oracle | mysql | 4.0.1 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp2 |
| oracle | mysql | 3.23.9 |
| oracle | mysql | 3.23.10 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp2 |
| oracle | mysql | 4.0.3 |
| oracle | mysql | 3.22.32 |
| oracle | mysql | 3.23.47 |
| oracle | mysql | 3.23.37 |
| oracle | mysql | 3.23.40 |
| oracle | mysql | 3.23.25 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp2 |
| oracle | mysql | 3.23.5 |
| oracle | mysql | 3.23.4 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp1 |
| oracle | mysql | 3.23.50 |
| oracle | mysql | 3.23.45 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp1 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp3 |
| oracle | mysql | 3.23.27 |
| oracle | mysql | 3.23.42 |
| oracle | mysql | 3.23.52 |
| symantec_veritas | netbackup_advanced_reporter | 3.4 |
| oracle | mysql | 3.23.23 |
| oracle | mysql | 3.23.39 |
| symantec_veritas | netbackup_advanced_reporter | 4.5 |
| oracle | mysql | 4.0.5a |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp3 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp1 |
| oracle | mysql | 3.22.26 |
| oracle | mysql | 3.23.31 |
| oracle | mysql | 3.23.53a |
| oracle | mysql | 3.23.3 |
| oracle | mysql | 3.23.26 |
| oracle | mysql | 3.23.30 |
| oracle | mysql | 3.23.2 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp3 |
| oracle | mysql | 3.23.36 |
| oracle | mysql | 3.23.53 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp2 |
| oracle | mysql | 3.23.24 |
| symantec_veritas | netbackup_global_data_manager | 4.5 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp3 |
| oracle | mysql | 3.22.29 |
| oracle | mysql | 3.22.27 |
| oracle | mysql | 3.23.48 |
| oracle | mysql | 3.22.30 |
| oracle | mysql | 3.23.34 |
| oracle | mysql | 4.0.0 |
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | mysql | 3.23.29 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp1 |
| oracle | mysql | 3.23.38 |
| oracle | mysql | 3.23.51 |
| oracle | mysql | 3.23.41 |
| oracle | mysql | 3.23.46 |
| oracle | mysql | 3.23.49 |
| oracle | mysql | 4.0.2 |
| oracle | mysql | 3.23.44 |
| oracle | mysql | 3.22.28 |
| oracle | mysql | 3.23.8 |
| oracle | mysql | 3.23.43 |
| oracle | mysql | 3.23.28 |
| oracle | mysql | 4.0.1 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp2 |
| oracle | mysql | 3.23.9 |
| oracle | mysql | 3.23.10 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp2 |
| oracle | mysql | 4.0.3 |
| oracle | mysql | 3.22.32 |
| oracle | mysql | 3.23.47 |
| oracle | mysql | 3.23.37 |
| oracle | mysql | 3.23.40 |
| oracle | mysql | 3.23.25 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp2 |
| oracle | mysql | 3.23.5 |
| oracle | mysql | 3.23.4 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp1 |
| oracle | mysql | 3.23.50 |
| oracle | mysql | 3.23.45 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp1 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp3 |
| oracle | mysql | 3.23.27 |
| oracle | mysql | 3.23.42 |
| oracle | mysql | 3.23.52 |
| symantec_veritas | netbackup_advanced_reporter | 3.4 |
| oracle | mysql | 3.23.23 |
| oracle | mysql | 3.23.39 |
| symantec_veritas | netbackup_advanced_reporter | 4.5 |
| oracle | mysql | 4.0.5a |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp3 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp1 |
| oracle | mysql | 3.22.26 |
| oracle | mysql | 3.23.31 |
| oracle | mysql | 3.23.53a |
| oracle | mysql | 3.23.3 |
| oracle | mysql | 3.23.26 |
| oracle | mysql | 3.23.30 |
| oracle | mysql | 3.23.2 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp3 |
| oracle | mysql | 3.23.36 |
| oracle | mysql | 3.23.53 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp2 |
| oracle | mysql | 3.23.24 |
| symantec_veritas | netbackup_global_data_manager | 4.5 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp3 |
| oracle | mysql | 3.22.29 |
| oracle | mysql | 3.22.27 |
| oracle | mysql | 3.23.48 |
| oracle | mysql | 3.22.30 |
| oracle | mysql | 3.23.34 |
| oracle | mysql | 4.0.0 |
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| oracle | mysql | 3.23.29 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp1 |
| oracle | mysql | 3.23.38 |
| oracle | mysql | 3.23.51 |
| oracle | mysql | 3.23.41 |
| oracle | mysql | 3.23.46 |
| oracle | mysql | 3.23.49 |
| oracle | mysql | 4.0.2 |
| oracle | mysql | 3.23.44 |
| oracle | mysql | 3.22.28 |
| oracle | mysql | 3.23.8 |
| oracle | mysql | 3.23.43 |
| oracle | mysql | 3.23.28 |
| oracle | mysql | 4.0.1 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp2 |
| oracle | mysql | 3.23.9 |
| oracle | mysql | 3.23.10 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp2 |
| oracle | mysql | 4.0.3 |
| oracle | mysql | 3.22.32 |
| oracle | mysql | 3.23.47 |
| oracle | mysql | 3.23.37 |
| oracle | mysql | 3.23.40 |
| oracle | mysql | 3.23.25 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp2 |
| oracle | mysql | 3.23.5 |
| oracle | mysql | 3.23.4 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp1 |
| oracle | mysql | 3.23.50 |
| oracle | mysql | 3.23.45 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp1 |
| symantec_veritas | netbackup_global_data_manager | 4.5_fp3 |
| oracle | mysql | 3.23.27 |
| oracle | mysql | 3.23.42 |
| oracle | mysql | 3.23.52 |
| symantec_veritas | netbackup_advanced_reporter | 3.4 |
| oracle | mysql | 3.23.23 |
| oracle | mysql | 3.23.39 |
| symantec_veritas | netbackup_advanced_reporter | 4.5 |
| oracle | mysql | 4.0.5a |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp3 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp1 |
| oracle | mysql | 3.22.26 |
| oracle | mysql | 3.23.31 |
| oracle | mysql | 3.23.53a |
| oracle | mysql | 3.23.3 |
| oracle | mysql | 3.23.26 |
| oracle | mysql | 3.23.30 |
| oracle | mysql | 3.23.2 |
| symantec_veritas | netbackup_global_data_manager | 4.5_mp3 |
| oracle | mysql | 3.23.36 |
| oracle | mysql | 3.23.53 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_fp2 |
| oracle | mysql | 3.23.24 |
| symantec_veritas | netbackup_global_data_manager | 4.5 |
| symantec_veritas | netbackup_advanced_reporter | 4.5_mp3 |
| oracle | mysql | 3.22.29 |
| oracle | mysql | 3.22.27 |
| oracle | mysql | 3.23.48 |
| oracle | mysql | 3.22.30 |
| oracle | mysql | 3.23.34 |
| oracle | mysql | 4.0.0 |
Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | cluster_server | 1.3_solaris |
| symantec_veritas | cluster_server | 1.2_nt |
| symantec_veritas | cluster_server | 1.3_hp-ux |
| symantec_veritas | cluster_server | 1.3 |
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 8.0 |
| symantec_veritas | backup_exec | 9.1 |
| symantec_veritas | backup_exec | 8.5 |
| symantec_veritas | backup_exec | 9.0 |
| symantec_veritas | backup_exec | 8.6 |
Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | cluster_server | 1.3_solaris |
| symantec_veritas | cluster_server | 3.5_hp-ux_update_1 |
| symantec_veritas | cluster_server | 1.2_nt |
| symantec_veritas | cluster_server | 3.5_mp1j |
| symantec_veritas | cluster_server | 3.5_p1 |
| symantec_veritas | cluster_server | 1.0.2_solaris |
| symantec_veritas | cluster_server | 3.5_solaris_mp2 |
| symantec_veritas | cluster_server | 1.3_hp-ux |
| symantec_veritas | cluster_server | 3.5_hp-ux_update_2 |
| symantec_veritas | cluster_server | 1.3_p4 |
| symantec_veritas | cluster_server | 1.3_nt |
| symantec_veritas | cluster_server | 2.0_solaris_ga |
| symantec_veritas | cluster_server | 4.0_solaris |
| symantec_veritas | cluster_server | 1.3_p1 |
| symantec_veritas | cluster_server | 2.0_p1 |
| symantec_veritas | cluster_server | 1.3 |
| symantec_veritas | cluster_server | 3.5_solaris_beta |
| symantec_veritas | cluster_server | 1.3.1_p3 |
| symantec_veritas | cluster_server | 3.5.1_aix |
| symantec_veritas | cluster_server | 4.0_solaris_beta |
| symantec_veritas | cluster_server | 2.1 |
| symantec_veritas | cluster_server | 1.1.2_solaris |
| symantec_veritas | cluster_server | 4.0_linux |
| symantec_veritas | cluster_server | 2.1_linux_p1 |
| symantec_veritas | cluster_server | 2.0_solaris_beta |
| symantec_veritas | cluster_server | 2.1_linux |
| symantec_veritas | cluster_server | 3.5_mp2 |
| symantec_veritas | cluster_server | 2.0_solaris |
| symantec_veritas | cluster_server | 3.5 |
| symantec_veritas | cluster_server | 2.2_linux |
| symantec_veritas | cluster_server | 3.5_mp1 |
| symantec_veritas | cluster_server | 3.5_solaris |
| symantec_veritas | cluster_server | 1.1_solaris |
| symantec_veritas | cluster_server | 3.5_solaris_mp3 |
| symantec_veritas | cluster_server | 2.0_p2 |
| symantec_veritas | cluster_server | 1.3.1_hp-ux |
| symantec_veritas | cluster_server | 3.5_aix |
| symantec_veritas | cluster_server | 2.2_mp1 |
| symantec_veritas | cluster_server | 1.3_solaris_pre-ga |
| symantec_veritas | cluster_server | 2.0_p3 |
| symantec_veritas | cluster_server | 2.2_mp2 |
| symantec_veritas | cluster_server | 1.1.1_solaris |
| symantec_veritas | cluster_server | 2.2 |
| symantec_veritas | cluster_server | 2.0_linux |
| symantec_veritas | cluster_server | 1.0.1_solaris |
| symantec_veritas | cluster_server | 2.0_p4 |
| symantec_veritas | cluster_server | 2.2_linux_mp1p1 |
| symantec_veritas | cluster_server | 1.3_p3 |
| symantec_veritas | cluster_server | 2.0 |
| symantec_veritas | cluster_server | 3.5_solaris_mp1 |
| symantec_veritas | cluster_server | 2.0_aix |
| symantec_veritas | cluster_server | 4.0_linux_beta |
| symantec_veritas | cluster_server | 3.5_hp-ux |
| symantec_veritas | cluster_server | 1.3_p2 |
| symantec_veritas | cluster_server | 4.0_aix_beta |
| symantec_veritas | cluster_server | 4.0_aix |
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 9.0_rev.4454 |
| symantec_veritas | backup_exec | 9.0_rev.4367 |
| symantec_veritas | backup_exec | 10.0_rev.5484 |
| symantec_veritas | backup_exec | 9.1_rev.4691 |
Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 9.0_rev.4454_sp1 |
| symantec_veritas | backup_exec | 9.0.4019 |
| symantec_veritas | backup_exec | 9.0.4172 |
| symantec_veritas | backup_exec | 9.1.1152.4 |
| symantec_veritas | backup_exec | 9.0_rev.4454 |
| symantec_veritas | backup_exec | 9.1_rev.4691_sp2 |
| symantec_veritas | backup_exec | 9.1.307 |
| symantec_veritas | backup_exec | 9.1.1067.2 |
| symantec_veritas | backup_exec | 9.0.4174 |
| symantec_veritas | backup_exec | 9.1.1151.1 |
| symantec_veritas | backup_exec | 10.0_rev.5484 |
| symantec_veritas | backup_exec | 9.1.1154 |
| symantec_veritas | backup_exec | 9.1_rev.4691 |
| symantec_veritas | backup_exec | 9.1.306 |
| symantec_veritas | backup_exec | 9.0.4170 |
| symantec_veritas | backup_exec | 10.0_rev.5484_sp1 |
| symantec_veritas | backup_exec | 9.1.1152 |
| symantec_veritas | backup_exec | 9.0_rev.4367 |
| symantec_veritas | backup_exec | 9.1.1127.1 |
| symantec_veritas | backup_exec | 9.0_rev.4367_sp1 |
| symantec_veritas | backup_exec | 9.0.4202 |
| symantec_veritas | backup_exec | 9.1.1067.3 |
Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and unknown but "critical" impact.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | i3_focalpoint_server | 7.1 |
Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 9.1 |
| symantec_veritas | backup_exec | 9.0_rev.4454 |
| symantec_veritas | backup_exec | 10.0 |
| symantec_veritas | backup_exec | 9.0_rev.4367 |
| symantec_veritas | backup_exec | 9.0 |
| symantec_veritas | backup_exec | 10.0_rev.5484 |
| symantec_veritas | backup_exec | 9.1_rev.4691 |
Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 9.0_rev.4454 |
| symantec_veritas | backup_exec | 9.0_rev.4367 |
| symantec_veritas | backup_exec | 10.0_rev.5484 |
| symantec_veritas | backup_exec | 9.1_rev.4691 |
Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 9.0.4019 |
| symantec_veritas | backup_exec | 9.0.4172 |
| symantec_veritas | backup_exec | 9.1.1152.4 |
| symantec_veritas | backup_exec | 9.1 |
| symantec_veritas | backup_exec | 9.1.307 |
| symantec_veritas | backup_exec | 9.1.1067.2 |
| symantec_veritas | backup_exec | 9.0.4174 |
| symantec_veritas | backup_exec | 9.0 |
| symantec_veritas | backup_exec | 9.1.1151.1 |
| symantec_veritas | backup_exec | 9.1.1154 |
| symantec_veritas | backup_exec | 9.1.306 |
| symantec_veritas | backup_exec | 9.0.4170 |
| symantec_veritas | backup_exec | 9.1.1152 |
| symantec_veritas | backup_exec | 10.0 |
| symantec_veritas | backup_exec | 9.1.1127.1 |
| symantec_veritas | backup_exec | 9.0.4202 |
| symantec_veritas | backup_exec | 9.1.1067.3 |
NDMP server in Veritas NetBackup 5.1 allows attackers to cause a denial of service via a CONFIG message with an out-of-range timestamp, which triggers a null dereference.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | netbackup_server | 5.1 |
| symantec_veritas | netbackup_enterprise_server | 5.1 |
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | windows_servers_9.0 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp5 |
| symantec_veritas | backup_exec | netware_servers_9.0.4170 |
| symantec_veritas | backup_exec | netware_servers_9.0.4172 |
| symantec_veritas | backup_exec | netware_servers_9.0.4174 |
| symantec_veritas | backup_exec | windows_servers_9.1_rev._4691_sp2 |
| symantec_veritas | netbackup | netware_media_servers_5.0_mp2 |
| symantec_veritas | backup_exec | netware_servers_9.1.1127_.1 |
| symantec_veritas | netbackup | netware_media_servers_5.1_mp1 |
| symantec_veritas | backup_exec | netware_servers_9.1.1152_.4 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp1 |
| symantec_veritas | backup_exec | netware_servers_9.0.4019 |
| symantec_veritas | netbackup | netware_media_servers_5.0_mp3 |
| symantec_veritas | backup_exec | netware_servers_9.1.1151_.1 |
| symantec_veritas | backup_exec | netware_servers_9.0.4202 |
| symantec_veritas | backup_exec | windows_servers_9.1_rev._4691 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp3 |
| symantec_veritas | netbackup | netware_media_servers_5.0_mp5 |
| symantec_veritas | backup_exec | windows_servers_10.0_rev._5520 |
| symantec_veritas | netbackup | netware_media_servers_5.0_mp4 |
| symantec_veritas | backup_exec | windows_servers_9.0_rev._4367 |
| symantec_veritas | netbackup | netware_media_servers_5.0_mp1 |
| symantec_veritas | backup_exec | windows_servers_9.0_rev._4454_sp1 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp2 |
| symantec_veritas | backup_exec | netware_servers_9.1.307 |
| symantec_veritas | backup_exec_remote_agent | windows_server |
| symantec_veritas | backup_exec | windows_servers_10.0_rev._5484 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp5 |
| symantec_veritas | backup_exec | windows_servers_9.0_rev._4367_sp1 |
| symantec_veritas | backup_exec | windows_servers_9.0_rev._4454 |
| symantec_veritas | backup_exec_remote_agent | unix_linux_server |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp8 |
| symantec_veritas | backup_exec_remote_agent | netware_server |
| symantec_veritas | netbackup | netware_media_servers_5.1 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp8 |
| symantec_veritas | backup_exec | netware_servers_9.1.1067_.3 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp1 |
| symantec_veritas | backup_exec | netware_servers_9.1.1154 |
| symantec_veritas | backup_exec | windows_servers_9.1 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp3 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp7 |
| symantec_veritas | backup_exec | netware_servers_9.1.306 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp4 |
| symantec_veritas | netbackup | netware_media_servers_5.1_mp3 |
| symantec_veritas | backup_exec | netware_servers_9.1.1152 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp6 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp2 |
| symantec_veritas | backup_exec | netware_servers_9.1.1156 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp6 |
| symantec_veritas | backup_exec | windows_servers_8.6 |
| symantec_veritas | netbackup | netware_media_servers_4.5 |
| symantec_veritas | netbackup | netware_media_servers_5.1_mp2 |
| symantec_veritas | backup_exec | windows_servers_10.0_rev._5484_sp1 |
| symantec_veritas | netbackup | netware_media_servers_5.0 |
| symantec_veritas | backup_exec | netware_servers_9.1.1067_.2 |
| symantec_veritas | netbackup | netware_media_servers_4.5_mp7 |
| symantec_veritas | netbackup | netware_media_servers_4.5_fp4 |
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | netbackup_enterprise_server_client | 6.0 |
| symantec_veritas | netbackup_data_and_business_center | 4.5fp |
| symantec_veritas | netbackup_enterprise_server_client | 5.1 |
| symantec_veritas | netbackup_data_and_business_center | 4.5mp |
| symantec_veritas | netbackup_enterprise_server_client | 5.0 |
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | storagecentral | 5.2_rev._2190r |
| symantec_veritas | storage_exec | 5.3_rev._2190r |
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | netbackup | 5.0_with_mp2 |
| symantec_veritas | netbackup | 5.1_without_mp |
| symantec_veritas | netbackup | 5.0_with_mp5 |
| symantec_veritas | netbackup | 5.1_with_mp1 |
| symantec_veritas | netbackup | 5.1_with_mp2 |
| symantec_veritas | netbackup | 5.0_with_mp3 |
| symantec_veritas | netbackup | 5.1_with_mp3a |
| symantec_veritas | netbackup | 5.0_with_mp4 |
| symantec_veritas | netbackup | 5.0_with_mp1 |
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | cluster_server | 4.0_linux |
| symantec_veritas | storage_foundation | 3.5_solaris |
| symantec_veritas | storage_foundation_cluster_file_system | 4.0_linux |
| symantec_veritas | storage_foundation | 4.0_linux |
| symantec_veritas | cluster_server | 3.5_hp-ux_update_1 |
| symantec_veritas | sanpoint_control_quickstart | 3.5_solaris |
| symantec_veritas | storage_foundation | 2.2_linux |
| symantec_veritas | storage_foundation | 4.0_aix |
| symantec_veritas | cluster_server | 3.5_mp2 |
| symantec_veritas | cluster_server | 3.5 |
| symantec_veritas | storage_foundation | 4.0_solaris |
| symantec_veritas | cluster_server | 3.5_mp1j |
| symantec_veritas | storage_foundation_cluster_file_system | 4.0_solaris |
| symantec_veritas | cluster_server | 2.2_linux |
| symantec_veritas | cluster_server | 3.5_mp1 |
| symantec_veritas | cluster_server | 3.5_p1 |
| symantec_veritas | cluster_server | 3.5_solaris |
| symantec_veritas | cluster_server | 3.5_solaris_mp2 |
| symantec_veritas | cluster_server | 3.5_solaris_mp3 |
| symantec_veritas | cluster_server | 3.5_hp-ux_update_2 |
| symantec_veritas | storage_foundation | 2.2_vmware_esx |
| symantec_veritas | storage_foundation | 3.5_hp-ux |
| symantec_veritas | storage_foundation_cluster_file_system | 4.0_aix |
| symantec_veritas | cluster_server | 3.5_aix |
| symantec_veritas | cluster_server | 2.2_mp1 |
| symantec_veritas | cluster_server | 2.2_mp2 |
| symantec_veritas | storage_foundation | 3.4_aix |
| symantec_veritas | cluster_server | 2.2 |
| symantec_veritas | cluster_server | 4.0_solaris_mp1 |
| symantec_veritas | cluster_server | 4.0_solaris |
| symantec_veritas | cluster_server | 2.2_linux_mp1p1 |
| symantec_veritas | cluster_server | 3.5_solaris_beta |
| symantec_veritas | storage_foundation | 3.0_aix |
| symantec_veritas | cluster_server | 3.5_solaris_mp1 |
| symantec_veritas | cluster_server | 4.0_linux_beta |
| symantec_veritas | cluster_server | 3.5_hp-ux |
| symantec_veritas | cluster_server | 4.0_solaris_beta |
| symantec_veritas | storage_foundation | 1.0_aix |
| symantec_veritas | cluster_server | 4.0_aix_beta |
| symantec_veritas | cluster_server | 4.0_aix |
Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service (application crash or unavailability) due to "memory errors."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec_remote_agent | windows_server_10.1 |
| symantec_veritas | backup_exec | netware_server_9.2 |
| symantec_veritas | backup_exec | netware_server_9.1 |
| symantec_veritas | backup_exec_remote_agent | unix_linux_server_10.1 |
| symantec_veritas | backup_exec_remote_agent | netware_server_9.2 |
| symantec_veritas | backup_exec_remote_agent | windows_server_10.0 |
| symantec_veritas | backup_exec_remote_agent | netware_server_9.1 |
| symantec_veritas | backup_exec_remote_agent | windows_server_9.1 |
Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691, when the job log mode is Full Detailed (aka Full Details), allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted filename on a machine that is backed up by Backup Exec.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec_veritas | backup_exec | 9.1 |
| symantec_veritas | backup_exec | 10.0 |