Veritas Backup Denial of Service Vulnerability
BID:2204
Info
Veritas Backup Denial of Service Vulnerability
| Bugtraq ID: | 2204 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2001-0107 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jan 15 2001 12:00AM |
| Updated: | Jul 11 2009 04:46AM |
| Credit: | Discovered and posted to Bugtraq on Jan 15, 2001 by Ari Saastamoinen <[email protected]>. |
| Vulnerable: |
Veritas Software Backup 4.5 |
| Not Vulnerable: | |
Discussion
Veritas Backup Denial of Service Vulnerability
Backup is a data protection software by Veritas. Backup is subject to a denial of service.
Veritas offers a linux agent which listens on port 8192. If an attacker connects to this service, but does not send any data, the service will block until the connection is terminated. The result is a denial of service. This condition is likely due to improper handling of network i/o.
A restart of this service is required in order to gain normal functionality.
Backup is a data protection software by Veritas. Backup is subject to a denial of service.
Veritas offers a linux agent which listens on port 8192. If an attacker connects to this service, but does not send any data, the service will block until the connection is terminated. The result is a denial of service. This condition is likely due to improper handling of network i/o.
A restart of this service is required in order to gain normal functionality.
Solution / Fix
Veritas Backup Denial of Service Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].