Intrusion Prevention

Veritas.Backup.Exec.Agent.CONNECT_CLIENT_AUTH.Buffer.Overflow

Description

It indicates a possible exploit of a buffer overflow vulnerability in VERITAS Backup Exec Remote Agent.
This issue occurs when handling authentication requests.

Affected Products

Veritas Software Backup Exec for Windows Servers 10.0 rev. 5484 SP1
Veritas Software Backup Exec for Windows Servers 10.0 rev. 5484
Veritas Software Backup Exec for Windows Servers 9.1 rev. 4691 SP2
Veritas Software Backup Exec for Windows Servers 9.1 rev. 4691
Veritas Software Backup Exec for Windows Servers 9.0 rev. 4454 SP1
Veritas Software Backup Exec for Windows Servers 9.0 rev. 4454
Veritas Software Backup Exec for Windows Servers 9.0 rev. 4367 SP1
Veritas Software Backup Exec for Windows Servers 9.0 rev. 4367
Veritas Software Backup Exec for NetWare Servers 9.1.1154
Veritas Software Backup Exec for NetWare Servers 9.1.1152 .4
Veritas Software Backup Exec for NetWare Servers 9.1.1152
Veritas Software Backup Exec for NetWare Servers 9.1.1151 .1
Veritas Software Backup Exec for NetWare Servers 9.1.1127 .1
Veritas Software Backup Exec for NetWare Servers 9.1.1067 .3
Veritas Software Backup Exec for NetWare Servers 9.1.1067 .2
Veritas Software Backup Exec for NetWare Servers 9.1.307
Veritas Software Backup Exec for NetWare Servers 9.1.306
Veritas Software Backup Exec for NetWare Servers 9.0.4202
Veritas Software Backup Exec for NetWare Servers 9.0.4174
Veritas Software Backup Exec for NetWare Servers 9.0.4172
Veritas Software Backup Exec for NetWare Servers 9.0.4170
Veritas Software Backup Exec for NetWare Servers 9.0.4019

Impact

Execute arbitrary code

Recommended Actions

Fixes are available:
Veritas Software Backup Exec for Windows Servers 10.0 rev. 5484 SP1
* Veritas Software be5484RHF24_275514.exe
http://support.veritas.com/docs/275514
Veritas Software Backup Exec for Windows Servers 9.0 rev. 4367 SP1
* Veritas Software be4367RHF21_276156.exe
http://support.veritas.com/docs/276156
Veritas Software Backup Exec for Windows Servers 9.0 rev. 4454 SP1
* Veritas Software be4454RHF31_275911.exe
http://support.veritas.com/docs/275911
Veritas Software Backup Exec for NetWare Servers 9.0.4202
* Veritas Software B904202HF1_277423.EXE
http://support.veritas.com/docs/277423
Veritas Software Backup Exec for Windows Servers 9.1 rev. 4691 SP2
* Veritas Software be4691RHF52_275909.exe
http://support.veritas.com/docs/275909

CVE References

CVE-2005-0773