CVE-2006-0989 – Symantec VERITAS NetBackup Volume Manager Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-0989
Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Symantec VERITAS NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the volume manager daemon (vmd.exe) due to incorrect bounds checking during a call to sscanf() that copies user-supplied data to a stack-based buffer. The vulnerable daemon listens on TCP port 13701. • http://securityreason.com/securityalert/639 http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://securitytracker.com/id?1015832 http://seer.support.veritas.com/docs/281521.htm http://www.kb.cert.org/vuls/id/880801 http://www.osvdb.org/24172 http://www.securityfocus.com/archive/1/428944/100/0/threaded http://www.securityfocus.com/bid/17264 http://www.vupen.com/english/advisories/2006/1124 http://www.zerodayinitiative.com/advisories/ZDI-06-005 •
CVE-2006-0990 – Symantec VERITAS NetBackup Database Manager Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-0990
Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Symantec VERITAS NetBackup installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetBackup Database Manager service (bpdbm.exe) due to insufficient bounds checking during a call to sprintf() that copies user-supplied data to a stack-based buffer. The vulnerable daemon listens on TCP port 13721. • http://secunia.com/advisories/19417 http://securityreason.com/securityalert/642 http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://securitytracker.com/id?1015832 http://seer.support.veritas.com/docs/281521.htm http://www.kb.cert.org/vuls/id/744137 http://www.securityfocus.com/archive/1/428988/100/0/threaded http://www.securityfocus.com/archive/1/428992/100/0/threaded http://www.securityfocus.com/bid/17264 http://www.vupen.com/english/advis •
CVE-2005-3116 – Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-3116
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. • https://www.exploit-db.com/exploits/1421 http://secunia.com/advisories/17503 http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08b.html http://securitytracker.com/id?1015170 http://seer.support.veritas.com/docs/279553.htm http://www.idefense.com/application/poi/display?id=336&type=vulnerabilities http://www.kb.cert.org/vuls/id/574662 http://www.osvdb.org/20674 http://www.securityfocus.com/archive/1/422066/100/0/threaded http://www.securityfocus.com/archi •
CVE-2004-1389 – Veritas NetBackup - Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1389
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature. • https://www.exploit-db.com/exploits/9941 http://secunia.com/advisories/12901 http://seer.support.veritas.com/docs/271727.htm http://www.ciac.org/ciac/bulletins/p-020.shtml http://www.kb.cert.org/vuls/id/685456 http://www.securityfocus.com/bid/11494 https://exchange.xforce.ibmcloud.com/vulnerabilities/17811 •