CVSS: 9.8EPSS: 15%CPEs: 10EXPL: 0CVE-2006-0989 – Symantec VERITAS NetBackup Volume Manager Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-0989
27 Mar 2006 — Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Symantec VERITAS NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the volume manager daemon (vmd.exe) due to incorrect bounds c... • http://securityreason.com/securityalert/639 •
CVSS: 9.8EPSS: 15%CPEs: 10EXPL: 0CVE-2006-0990 – Symantec VERITAS NetBackup Database Manager Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-0990
27 Mar 2006 — Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. This vulnerability allows remote attackers to execute arbitrary code on vulnerable Symantec VERITAS NetBackup installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetBackup Database Manager service (bpdbm.exe) due to... • http://secunia.com/advisories/19417 •
CVSS: 10.0EPSS: 55%CPEs: 9EXPL: 3CVE-2005-3116 – Veritas NetBackup 4/5 - Volume Manager Daemon Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-3116
18 Nov 2005 — Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. • https://www.exploit-db.com/exploits/1421 •
CVSS: 10.0EPSS: 66%CPEs: 5EXPL: 4CVE-2005-2715 – VERITAS NetBackup Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-2715
12 Oct 2005 — Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. This vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the bpjava-... • https://www.exploit-db.com/exploits/1263 •
CVSS: 10.0EPSS: 80%CPEs: 57EXPL: 4CVE-2005-2611 – Veritas Backup Exec (Windows) - Remote File Access
https://notcve.org/view.php?id=CVE-2005-2611
17 Aug 2005 — VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server. • https://packetstorm.news/files/id/180901 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-2389
https://notcve.org/view.php?id=CVE-2005-2389
27 Jul 2005 — NDMP server in Veritas NetBackup 5.1 allows attackers to cause a denial of service via a CONFIG message with an out-of-range timestamp, which triggers a null dereference. NDMP server en Veritas NetBackup 5.1 permite que atacantes causen una denegación de servicio mediante un mensaje CONFIG con fecha fuera de rango, lo que provoca intento de acceso a puntero nulo. • http://secunia.com/advisories/16187 •
CVSS: 9.8EPSS: 35%CPEs: 9EXPL: 1CVE-2004-1389 – Veritas NetBackup - Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1389
31 Dec 2004 — Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature. • https://www.exploit-db.com/exploits/9941 •
CVSS: 9.8EPSS: 25%CPEs: 62EXPL: 2CVE-2002-1374 – MySQL 3.23.x/4.0.x - 'COM_CHANGE_USER' Password Length Account
https://notcve.org/view.php?id=CVE-2002-1374
23 Dec 2002 — The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password. El comando COM_CHANGE_USER en MySQL 3.x anterirores de 3.23.54 y 4.x anteriores a 4.0.5 permite a atacantes remotos ganar privilegios mediante un ataque de fuerza bruta usando una contraseña de un carácter, lo que hace que MyS... • https://www.exploit-db.com/exploits/22084 •
CVSS: 9.8EPSS: 15%CPEs: 62EXPL: 1CVE-2002-1375 – MySQL 3.23.x/4.0.x - COM_CHANGE_USER Password Memory Corruption
https://notcve.org/view.php?id=CVE-2002-1375
23 Dec 2002 — The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. El comando COM_CHANGE_USER en MySQL 3.x anteriores a 2.23.54 y 4.x anterior a 4.0.6 permite a atacantes remotos ejecutar código arbitrario mediante una respuesta larga. • https://www.exploit-db.com/exploits/22085 •
CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2002-1376
https://notcve.org/view.php?id=CVE-2002-1376
17 Dec 2002 — libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. La librería de cliente libmysqlclient en MySQL 3.x a 3.23.54 y 4.x a 4.06, no verifica adecuadamente longitudes de campos de ciertas respuestas en las rutinas read_rows o read_one_row, lo que permite a a atacantes remotos causar un... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000555 •