Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:3084 |
Message | EXPLOIT Veritas backup overflow attempt |
Summary | This event is generated when an attempt is made to exploit a vulnerability associated with the Veritas Back Exec Agent Browser. |
Impact | Serious. Execution of arbitrary commands may be possible. |
Detailed Information | The Veritas Backup Agent Browser is the server component of the Backup Exec software employed to provide a backup solution. Client agents communicate with the Backup Agent Browser. A registration request from a client that contains an overly long hostname value can cause a buffer overflow and the subsequent execution of arbitrary code on a vulnerable server. |
Affected Systems | Veritas Software Backup Exec 8.0, 8.5, 8.6, 9.0, 9.1 |
Attack Scenarios | An attacker can craft a registration request that contains an overly long hostname, causing a buffer overflow. |
Ease of Attack | Simple. |
Corrective Action | Upgrade to the most current nonaffected version of the software. |
Additional References | |
Rule References | bugtraq: 11974 cve: 2004-1172 |
--
DID:170933
--
http://www.aanval.com/