Veritas.Backup.Exec.Agent.Invalid.Error.Status.DoS
Description
Indicates a possible exploit of denial of service vulnerability in Veritas Software Backup Exec agent software.
Veritas Backup Exec is a backup and recovery software solution for Windows and Unix based server systems. A vulnerability is reported in it that may allow an attacker to crash the agent system resulting a denial of service condition. This is due to Backup Exec agent's failure to properly handle request packets with an unexpected "Error Status" value. An attacker may send crafted packets with any Error Status, other than "0", that will cause a null pointer dereference, resulting denial of service.
Affected Products
Veritas Software Backup Exec 10.0 rev. 5484 SP1, NetBackup for NetWare Media Servers 5.1 MP3 and earlier versions.
Impact
Denial of Service.
Recommended Actions
Apply appropriate patch according to vendor recommendation http://seer.support.veritas.com/docs/277485.htm
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |