Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0772

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0772
Last Modified 07 Mar 2011 09:20:33
Published 28 Jun 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0772

Summary

VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference.

Vulnerable Systems

Application

  • Symantec Veritas Backup Exec 10.0

  • Symantec Veritas Backup Exec 10.0 Sp1


References

IDEFENSE - 20050623 Veritas Backup Exec Agent Error Status Remote DoS Vulnerability

IDEFENSE - 20050623 Veritas Backup Exec Remote Agent NDMLSRVR.DLL DoS Vulnerability

CONFIRM - http://seer.support.veritas.com/docs/277485.htm

CONFIRM - http://seer.support.veritas.com/docs/276533.htm

SECTRACK - 1014273

SECUNIA - 15789


Last Updated: 27 May 2016 10:39:56