The vulnerable system is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service by sending a specially crafted TCP packet across a wide area network (e.g., CVE-2004-0230).
Attack Complexity
Low
AC
The attacker must take no measurable action to exploit the vulnerability. The attack requires no target-specific circumvention to exploit the vulnerability. An attacker can expect repeatable success against the vulnerable system.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Symantec Security Advisory
SYM06-004
17 March 2006
Veritas Backup Exec: Application Memory Denial of Service
Revision History
None
Severity
Medium
Remote Access - Yes
Local Access - No
Authentication Required -No
Exploit publicly available - No
Overview
During internal reviews of supported Backup Exec products and versions,
Symantec identified and fixed memory errors that could result in a process
crash or a denial of service (DoS) preventing ongoing backup capability
until Backup services are restarted.
Supported Product(s) and Agent Affected
Backup Exec for Windows Server Remote Agent9.1
Backup Exec for Windows Server Remote Agent 10.0
Backup Exec for Windows Server Remote Agent 10.1
Backup Exec for Netware Servers 9.1
Backup Exec for Netware Servers 9.2
Backup Exec for Netware Servers Remote Agent 9.1
Backup Exec for Netware Servers Remote Agent 9.2
Remote Agent for Linux Servers 10.0
Remote Agent for Linux Servers 10.1
Full Advisory available at
http://www.symantec.com/avcenter/security/Content/2006.03.17a.html
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.5 (Build 5050)
iQA/AwUBRBsfOpIF/uvuJQrOEQK8KwCeL0VQ0EVHZ/bmC7YaKBvWPZkqNI0AoK4/
oAakTkgv/XIhQnubLh+CPEXK
=Chj1
-----END PGP SIGNATURE-----
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum