Symantec Backup Exec for Windows Servers data management protocol buffer overflow
| backupexec-dataprotocol-bo (46731) |  High Risk |
Description:
Symantec Backup Exec for Windows Servers is vulnerable to a buffer overflow, caused by improper bounds checking by the data management protocol. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
*CVSS:
| Base Score: | 6.5 |
| Access Vector: | Network |
| Access Complexity: | Low |
| Authentication: | Single |
| Confidentiality Impact: | Partial |
| Integrity Impact: | Partial |
| Availability Impact: | Partial |
| Temporal Score: | 4.8 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Gain Access
Remedy:
Refer to SYM08-021 for patch, upgrade or suggested workaround information. See References.
References:
- SYM08-021 : Symantec Backup Exec Authentication Bypass and Potential Buffer Overflow .
- BID-32346: Symantec Backup Exec Data Management Protocol Buffer Overflow Vulnerability
- CVE-2008-5408: Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors. NOTE: this can be exploited by unauthenticated remote attackers by leveraging CVE-2008-5407.
- SA32810: Symantec Backup Exec for Windows Servers Multiple Vulnerabilities
- SECTRACK ID: 1021246: Symantec Backup Exec Lets Remote Users Bypass Authentication and Execute Arbitrary Code on the Target System
- VUPEN/ADV-2008-3209: Symantec Backup Exec Security Bypass and Overflow Vulnerabilities
Platforms Affected:
- Symantec Backup Exec for Windows Servers 11d_build_6235
- Symantec Backup Exec for Windows Servers 11d_build_7170
- Symantec Backup Exec for Windows Servers 12.5_build_2213
- Symantec Backup Exec for Windows Servers 12_build_1364
Reported:
Nov 19, 2008
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.