Page 3 of 15 results (0.010 seconds)

CVSS: 7.5EPSS: 13%CPEs: 2EXPL: 0

VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference. • http://secunia.com/advisories/15789 http://securitytracker.com/id?1014273 http://seer.support.veritas.com/docs/276533.htm http://seer.support.veritas.com/docs/277485.htm http://www.idefense.com/application/poi/display?id=270&type=vulnerabilities&flashstatus=true http://www.idefense.com/application/poi/display?id=271&type=vulnerabilities • CWE-476: NULL Pointer Dereference •

CVSS: 10.0EPSS: 96%CPEs: 4EXPL: 0

VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106. • http://secunia.com/advisories/15789 http://securitytracker.com/id?1014273 http://seer.support.veritas.com/docs/276605.htm http://seer.support.veritas.com/docs/277429.htm http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/584505 http://www.us-cert.gov/cas/techalerts/TA05-180A.html •

CVSS: 7.5EPSS: 96%CPEs: 22EXPL: 2

Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument. • https://www.exploit-db.com/exploits/16332 http://secunia.com/advisories/15789 http://securitytracker.com/id?1014273 http://seer.support.veritas.com/docs/276604.htm http://seer.support.veritas.com/docs/277429.htm http://www.idefense.com/application/poi/display?id=272&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/492105 http://www.osvdb.org/17624 http://www.securityfocus.com/bid/14022 http://www.us-cert.gov/cas/techalerts/TA05-180A.html •

CVSS: 10.0EPSS: 95%CPEs: 5EXPL: 2

Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname. • https://www.exploit-db.com/exploits/750 https://www.exploit-db.com/exploits/16331 http://secunia.com/advisories/13495 http://seer.support.veritas.com/docs/273419.htm http://seer.support.veritas.com/docs/273420.htm http://seer.support.veritas.com/docs/273422.htm http://seer.support.veritas.com/docs/273850.htm http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php http://www.idefense.com/application/poi/display?id=169 http://www.kb.cert.org/vuls/id/907729 http&# •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares. • http://marc.info/?l=bugtraq&m=103134395124579&w=2 http://marc.info/?l=bugtraq&m=103134930629683&w=2 http://seer.support.veritas.com/docs/238618.htm http://www.osvdb.org/8230 https://exchange.xforce.ibmcloud.com/vulnerabilities/10093 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1036 •