Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:VERITAS:NETBCKP-CMD-EXEC |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Veritas NetBackup Remote Command Execution |
Release Date |
2009/11/05 |
Update Number |
1539 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Veritas NetBackup Remote Command Execution
This signature detects attempts to exploit a known vulnerability against Veritas NetBackup, which allows arbitrary command execution on an ephemeral port opened by Veritas NetBackup, at the same time an administrator is authenticated. The port is opened and allows direct console access as root or SYSTEM from any source address. A successful attack can lead to arbitrary code execution.
Extended Description
Veritas NetBackup is reported prone to a privilege escalation vulnerability. This issue may allow remote attackers to gain elevated privileges on a vulnerable computer. An attacker can supply specially crafted commands to the server, which execute with superuser privileges.
Affected Products
- Veritas_software netbackup_businesserver 3.4.0
- Veritas_software netbackup_businesserver 3.4.1
- Veritas_software netbackup_businesserver 4.5.0
- Veritas_software netbackup_datacenter 3.4.0
- Veritas_software netbackup_datacenter 3.4.1
- Veritas_software netbackup_datacenter 4.5.0
- Veritas_software netbackup_enterprise_server 5.1.0
- Veritas_software netbackup_server 5.0.0
- Veritas_software netbackup_server 5.1.0
References
- BugTraq: 11494
- CVE: CVE-2004-1389
- URL: http://seer.support.veritas.com/docs/271727.htm