CVE-2008-4339
https://notcve.org/view.php?id=CVE-2008-4339
Unspecified vulnerability in the Java Administration GUI (jnbSA) in Symantec Veritas NetBackup Server and NetBackup Enterprise Server 5.1 before MP7, 6.0 before MP7, and 6.5 before 6.5.2 allows remote authenticated users to gain privileges via unknown attack vectors related to "bpjava* binaries." Vulnerabilidad no especificada en Java Administration GUI (jnbSA) de Symantec Veritas NetBackup Server y NetBackup Enterprise Server v5.1 antes de MP7, v6.0 antes de MP7, y v6.5 antes de v6.5.2 permite a usuarios autenticados obtener privilegios a través de vectores de ataque desconocidos relacionados a "binarios bpjava*" • http://sunsolve.sun.com/search/document.do?assetkey=1-26-239908-1 http://www.securityfocus.com/bid/31221 http://www.securitytracker.com/id?1020928 http://www.symantec.com/avcenter/security/Content/2008.09.24a.html http://www.vupen.com/english/advisories/2008/2672 https://exchange.xforce.ibmcloud.com/vulnerabilities/45386 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2005-2715 – VERITAS NetBackup Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-2715
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. This vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the bpjava-msvc daemon due to incorrect handling of format string data passed through the 'COMMAND_LOGON_TO_MSERVER' command. The vulnerable daemon listens on TCP port 13722 and affects both NetBackup clients and servers. • https://www.exploit-db.com/exploits/1263 https://www.exploit-db.com/exploits/1265 https://www.exploit-db.com/exploits/1264 http://secunia.com/advisories/17181 http://securitytracker.com/id?1015028 http://seer.support.veritas.com/docs/279085.htm http://sunsolve.sun.com/search/document.do?assetkey=1-26-102054-1 http://www.kb.cert.org/vuls/id/495556 http://www.securityfocus.com/bid/15079 http://www.symantec.com/avcenter/security/Content/2005.10.12.html http:// •
CVE-2005-2389
https://notcve.org/view.php?id=CVE-2005-2389
NDMP server in Veritas NetBackup 5.1 allows attackers to cause a denial of service via a CONFIG message with an out-of-range timestamp, which triggers a null dereference. NDMP server en Veritas NetBackup 5.1 permite que atacantes causen una denegación de servicio mediante un mensaje CONFIG con fecha fuera de rango, lo que provoca intento de acceso a puntero nulo. • http://secunia.com/advisories/16187 http://www.hat-squad.com/en/000170.html •