Symantec Veritas Backup Exec for Windows Server RPC Heap Buffer Overflow Vulnerability
BID:23897
Info
| Bugtraq ID: | 23897 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-3509 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 11 2007 12:00AM |
| Updated: | Jul 12 2007 03:37AM |
| Credit: | An anonymous reporter is credited with the discovery of this vulnerability. This issue was reported to Symantec by iDefense. |
| Vulnerable: | Symantec Veritas Backup Exec for Windows Servers 11d; Symantec Veritas Backup Exec for Windows Servers 10d; Symantec Veritas Backup Exec for Windows Servers 10.0 |
| Not Vulnerable: | |
Discussion
Symantec Veritas Backup Exec for Windows Server is prone to a heap-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.
Exploit / POC
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Solution:
Symantec engineers have addressed this issue in all currently supported versions of the identified products. Security updates are available for all supported products.
Further information is available through the references. Fixes can be obtained through Veritas enterprise support channels. See http://support.veritas.com/docs/289283 for details.
Symantec Veritas Backup Exec for Windows Servers 11d
- Symantec be6235RHF24_32bit_289292.exe
  Backup Exec 11d for Windows Servers revision 6235 32bit Media Server
  http://seer.entsupport.symantec.com/docs/289292.htm
- Symantec be6235RHF24_x64bit_289293.exe
  Backup Exec 11d for Windows Servers revision 6235 x64bit Media Server
  http://seer.entsupport.symantec.com/docs/289293.htm
- Symantec be7170RHF9_32bit_289294.exe
  Backup Exec 11d for Windows Servers revision 7170 32bit Media Server
  http://seer.entsupport.symantec.com/docs/289294.htm
- Symantec be7170RHF9_x64bit_289295.exe
  Backup Exec 11d for Windows Servers revision 7170 x64bit Media Server
  http://seer.entsupport.symantec.com/docs/289295.htm

Symantec Veritas Backup Exec for Windows Servers 10d
- Symantec be5629RHF49_289291.exe
  Backup Exec 10d for Windows Servers revision 5629
  http://seer.entsupport.symantec.com/docs/289291.htm

Symantec Veritas Backup Exec for Windows Servers 10.0
- Symantec BE5484RHF40_289289.exe
  Backup Exec 10.0 for Windows Servers revision 5484
  http://seer.support.veritas.com/downloads/export.asp?ddProduct=BEWNT&file=BE5484RHF40_289289.exe&source=1&url=/pub/support/products/Backup_Exec_for_WindowsNT/&id=289289
- Symantec BE5520RHF37_289290.exe
  Backup Exec 10.0 for Windows Servers revision 5520
  http://seer.support.veritas.com/downloads/export.asp?ddProduct=BEWNT&file=BE5520RHF37_289290.exe&source=1&url=/pub/support/products/Backup_Exec_for_WindowsNT/&id=289290
References
References:
- Symantec Backup Exec 10.x and 11d for Windows Servers: Patch Summary for Securit (Symantec)
- Symantec Backup Exec Homepage (Symantec)
- iDefense Security Advisory 07.11.07: Symantec Backup Exec RPC Remote Heap Overfl (iDefense Labs)
- SYM07-015 Symantec Backup Exec for Windows Server: RPC Interface Heap Overflow, (Symantec)
- SYM07-015: Symantec Backup Exec for Windows Server: RPC Interface Heap Overflow (Symantec)
- Vulnerability Note VU#213697 Symantec Backup Exec contains heap overflow in RPC (US-CERT)