Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1117

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-1117
Last Modified 05 Sep 2008 04:29:50
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1117

Summary

Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.

Vulnerable Systems

Application

  • Symantec Veritas Backup Exec 8.5


References

BUGTRAQ - 20020906 UPDATE: (Was Veritas Backup Exec opens networks for NetBIOS based attacks?)

XF - veritas-backupexec-restrictanonymous-zero(10093)

CONFIRM - http://seer.support.veritas.com/docs/238618.htm

OSVDB - 8230

BUGTRAQ - 20020906 Veritas Backup Exec opens networks for NetBIOS based attacks?


Last Updated: 27 May 2016 10:37:12