CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-0305
https://notcve.org/view.php?id=CVE-2012-0305
23 Jul 2012 — Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de path de búsqueda no confiable en Symantec System Recovery 2011 anteriores a SP2 y Backup Exec System Recovery 2010 anteriores a SP5, podría permitir a usuario locales obtener privilegios a través de una DLL troyanizada en el directorio de trabajo actual. • http://www.securityfocus.com/bid/54594 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2008-2512
https://notcve.org/view.php?id=CVE-2008-2512
02 Jun 2008 — Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors. Una vulnerabilidad de salto de directorio en Symantec Backup Exec System Recovery Manager versiones 7.x anteriores a 7.0.4 y versiones 8.x anteriores a 8.0.2, permite a los atacantes remotos leer archivos arbitrarios por medio de vectores no especificados. • http://secunia.com/advisories/30432 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 29%CPEs: 2EXPL: 3CVE-2008-0457 – Symantec Backup Exec Remote File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2008-0457
06 Feb 2008 — Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors. Una vulnerabilidad de carga de archivos sin restricciones en la clase FileUpload que se ejecuta en el servidor Symantec LiveState Apache Tomcat, tal y como es usado por Symantec Backup Exec System Recovery Manager versiones 7.0 y 7.0.1... • https://www.exploit-db.com/exploits/5078 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2007-4346
https://notcve.org/view.php?id=CVE-2007-4346
29 Nov 2007 — The Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allows remote attackers to cause a denial of service (NULL dereference and service crash) via a crafted packet to port 5633/tcp. El servicio Job Engine (bengine.exe) de Symantec Backup Exec for Windows Servers (BEWS) 11d buils 11.0.7170 y 11.0.6.6235 permite a atacantes remotos provocar una denegación de servicio (referencia a NULL y caída del servicio) mediante un paquete manipulado a... • http://secunia.com/advisories/26975 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2007-4347
https://notcve.org/view.php?id=CVE-2007-4347
29 Nov 2007 — Multiple integer overflows in the Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allow remote attackers to cause a denial of service (CPU and memory consumption) via a crafted packet to port 5633/tcp, which triggers an infinite loop. Múltiples desbordamientos de entero en el servicio Job Engine (bengine.exe) de Symantec Backup Exec para Windows Servers (BEWS) 11d build 11.0.7170 y 11.0.6.6235 permite a atacantes remotos provocar una de... • http://secunia.com/advisories/26975 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2007-2359
https://notcve.org/view.php?id=CVE-2007-2359
30 Apr 2007 — Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string. Desbordamiento de búfer en Ghost Service Manager, tal y como se usa en Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery versiones anteriores a 20070426, permite a usuarios locales obtener privilegios mediante una cadena larga. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2007-2360
https://notcve.org/view.php?id=CVE-2007-2360
30 Apr 2007 — Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key. Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery anterior a 20070426, cuando están los backups remotos de las imágenes del punto de rest... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520 •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2007-2361
https://notcve.org/view.php?id=CVE-2007-2361
30 Apr 2007 — Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file. Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery versiones anteriores a 20070426, cuando están configurados copias de res... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520 •