Veritas Exploit In The Wild

Get the WebProNews Newsletter:

[ Business]

A patch has been made available for Veritas Backup Exec, which is vulnerable to a buffer overflow exploit.

An increase of port scanning for machines listening on 10000/tcp for incoming connections led the US CERT team to believe malicious activity targeted at a new vulnerability was taking place.

The Veritas Backup Exec Remote Agent for Windows Servers turned out to be the application listening for those connections. Upon investigation, it was found a buffer overflow could allow a remote attacker to execute arbitrary code with administrative privileges on a system.

The company has released a patch to correct the problem. US-CERT and security company iDefense have verified the patch does correct the problem.

For further protection, administrators should ensure connections through a firewall to port 10000 be limited only to backup servers specifically. Veritas is in the process of merging with security company Symantec, which offers firewall products in its catalog.

David Utter is a staff writer for WebProNews covering technology and business. Email him here.

Veritas Exploit In The Wild
Comments Off on Veritas Exploit In The Wild
Top Rated White Papers and Resources

Comments are closed.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom