CVE-2006-4128

Severity Score

6.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message.

Múliples desbordamientos de búfer en Symantec VERITAS Backup Exec para Netware Server Remote Agent para Windows Server 9.1 y 9.2 (todas las construcciones), Backup Exec Continuous Protection Server Remote Agent para Windows Server 10.1 (10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, y 10.1.327.401), y Backup Exec para Windows Server y Remote Agent 9.1 (9.1.4691), 10.0 (10.0.5484 y 10.0.5520), y 10.1 (10.1.5629) permite a un atacante remoto provocar denegación de servicio (caida de aplicación) y posiblemente ejecutar código de su elección a través de mensajes RPC manipulados.

*Credits: N/A

CVSS Scores

NISTv2 6.5

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-08-14 CVE Reserved
2006-08-14 CVE Published
2023-05-11 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
http://securityreason.com/securityalert/1380	Third Party Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html	X_refsource_confirm
http://securitytracker.com/id?1016683	Vdb Entry
http://www.kb.cert.org/vuls/id/647796	Third Party Advisory
http://www.securityfocus.com/archive/1/443037/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/19479	Vdb Entry
http://www.vupen.com/english/advisories/2006/3266	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/28336	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/21472	2018-10-17
http://seer.entsupport.symantec.com/docs/284623.htm	2018-10-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				9.1 Search vendor "Symantec Veritas" for product "Backup Exec" and version "9.1"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				9.1_build9.1.4691 Search vendor "Symantec Veritas" for product "Backup Exec" and version "9.1_build9.1.4691"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				9.2 Search vendor "Symantec Veritas" for product "Backup Exec" and version "9.2"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.0 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.0"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.0_build10.0.5484 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.0_build10.0.5484"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.0_build10.0.5520 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.0_build10.0.5520"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1"		windows_server_remote_agent		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1.325.6301 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1.325.6301"		-		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1.326.1401 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1.326.1401"		-		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1.326.2501 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1.326.2501"		-		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1.326.3301 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1.326.3301"		-		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1.327.401 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1.327.401"		-		Affected
Symantec Veritas Search vendor "Symantec Veritas"		Backup Exec Search vendor "Symantec Veritas" for product "Backup Exec"				10.1_build10.1.5629 Search vendor "Symantec Veritas" for product "Backup Exec" and version "10.1_build10.1.5629"		windows_server_remote_agent		Affected