CVE-2006-4228
https://notcve.org/view.php?id=CVE-2006-4228
Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before MP1 20060816 allows remote attackers to bypass authentication and gain privileges via unknown attack vectors in the management interface. Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 anterior a MP1 16/08/2006 permite a atacantes remotos evitar la autenticación y obtener privilegios mediante vectores de ataque desconocidos en la interfaz de administración. • http://secunia.com/advisories/21507 http://securityreason.com/securityalert/1412 http://securityresponse.symantec.com/avcenter/security/Content/2006.08.16.html http://securitytracker.com/id?1016704 http://seer.entsupport.symantec.com/docs/284734.htm http://www.securityfocus.com/archive/1/443395/100/0/threaded http://www.securityfocus.com/archive/1/443520/100/0/threaded http://www.securityfocus.com/bid/19524 http://www.vupen.com/english/advisories/2006/3299 https://exchange.xforce.ib •
CVE-2006-4128
https://notcve.org/view.php?id=CVE-2006-4128
Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message. Múliples desbordamientos de búfer en Symantec VERITAS Backup Exec para Netware Server Remote Agent para Windows Server 9.1 y 9.2 (todas las construcciones), Backup Exec Continuous Protection Server Remote Agent para Windows Server 10.1 (10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, y 10.1.327.401), y Backup Exec para Windows Server y Remote Agent 9.1 (9.1.4691), 10.0 (10.0.5484 y 10.0.5520), y 10.1 (10.1.5629) permite a un atacante remoto provocar denegación de servicio (caida de aplicación) y posiblemente ejecutar código de su elección a través de mensajes RPC manipulados. • http://secunia.com/advisories/21472 http://securityreason.com/securityalert/1380 http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html http://securitytracker.com/id?1016683 http://seer.entsupport.symantec.com/docs/284623.htm http://www.kb.cert.org/vuls/id/647796 http://www.securityfocus.com/archive/1/443037/100/0/threaded http://www.securityfocus.com/bid/19479 http://www.vupen.com/english/advisories/2006/3266 https://exchange.xforce.ibmcloud.com/vulnerabilitie •
CVE-2006-0991
https://notcve.org/view.php?id=CVE-2006-0991
Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 for Windows allows remote attackers to execute arbitrary code via crafted "Request Service" packets to the vnetd service (TCP port 13724). • http://secunia.com/advisories/19417 http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://securitytracker.com/id?1015832 http://seer.support.veritas.com/docs/281521.htm http://www.kb.cert.org/vuls/id/377441 http://www.securityfocus.com/archive/1/428979/100/0/threaded http://www.securityfocus.com/bid/17264 http://www.tippingpoint.com/security/advisories/TSRT-06-01.html http://www.vupen.com/english/advisories/2006/1124 https://exchange.xforce. •
CVE-2006-0989 – Symantec VERITAS NetBackup Volume Manager Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-0989
Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Symantec VERITAS NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the volume manager daemon (vmd.exe) due to incorrect bounds checking during a call to sscanf() that copies user-supplied data to a stack-based buffer. The vulnerable daemon listens on TCP port 13701. • http://securityreason.com/securityalert/639 http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://securitytracker.com/id?1015832 http://seer.support.veritas.com/docs/281521.htm http://www.kb.cert.org/vuls/id/880801 http://www.osvdb.org/24172 http://www.securityfocus.com/archive/1/428944/100/0/threaded http://www.securityfocus.com/bid/17264 http://www.vupen.com/english/advisories/2006/1124 http://www.zerodayinitiative.com/advisories/ZDI-06-005 •
CVE-2006-0990 – Symantec VERITAS NetBackup Database Manager Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-0990
Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Symantec VERITAS NetBackup installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetBackup Database Manager service (bpdbm.exe) due to insufficient bounds checking during a call to sprintf() that copies user-supplied data to a stack-based buffer. The vulnerable daemon listens on TCP port 13721. • http://secunia.com/advisories/19417 http://securityreason.com/securityalert/642 http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://securitytracker.com/id?1015832 http://seer.support.veritas.com/docs/281521.htm http://www.kb.cert.org/vuls/id/744137 http://www.securityfocus.com/archive/1/428988/100/0/threaded http://www.securityfocus.com/archive/1/428992/100/0/threaded http://www.securityfocus.com/bid/17264 http://www.vupen.com/english/advis •