Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2611

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-2611
Last Modified 07 Mar 2011 09:24:46
Published 17 Aug 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2611

Summary

VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.

Vulnerable Systems

Application

  • Symantec Veritas Backup Exec Netware Servers 9.0.4019

  • Symantec Veritas Backup Exec Netware Servers 9.0.4170

  • Symantec Veritas Backup Exec Netware Servers 9.0.4172

  • Symantec Veritas Backup Exec Netware Servers 9.0.4174

  • Symantec Veritas Backup Exec Netware Servers 9.0.4202

  • Symantec Veritas Backup Exec Netware Servers 9.1.1067 .2

  • Symantec Veritas Backup Exec Netware Servers 9.1.1067 .3

  • Symantec Veritas Backup Exec Netware Servers 9.1.1127 .1

  • Symantec Veritas Backup Exec Netware Servers 9.1.1151 .1

  • Symantec Veritas Backup Exec Netware Servers 9.1.1152

  • Symantec Veritas Backup Exec Netware Servers 9.1.1152 .4

  • Symantec Veritas Backup Exec Netware Servers 9.1.1154

  • Symantec Veritas Backup Exec Netware Servers 9.1.1156

  • Symantec Veritas Backup Exec Netware Servers 9.1.306

  • Symantec Veritas Backup Exec Netware Servers 9.1.307

  • Symantec Veritas Backup Exec Remote Agent Netware Server

  • Symantec Veritas Backup Exec Remote Agent Unix Linux Server

  • Symantec Veritas Backup Exec Remote Agent Windows Server

  • Symantec Veritas Backup Exec Windows Servers 10.0 Rev. 5484

  • Symantec Veritas Backup Exec Windows Servers 10.0 Rev. 5484 Sp1

  • Symantec Veritas Backup Exec Windows Servers 10.0 Rev. 5520

  • Symantec Veritas Backup Exec Windows Servers 8.6

  • Symantec Veritas Backup Exec Windows Servers 9.0

  • Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4367

  • Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4367 Sp1

  • Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454

  • Symantec Veritas Backup Exec Windows Servers 9.0 Rev. 4454 Sp1

  • Symantec Veritas Backup Exec Windows Servers 9.1

  • Symantec Veritas Backup Exec Windows Servers 9.1 Rev. 4691

  • Symantec Veritas Backup Exec Windows Servers 9.1 Rev. 4691 Sp2

  • Symantec Veritas Netbackup Netware Media Servers 4.5

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp1

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp2

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp3

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp4

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp5

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp6

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp7

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Fp8

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp1

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp2

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp3

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp4

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp5

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp6

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp7

  • Symantec Veritas Netbackup Netware Media Servers 4.5 Mp8

  • Symantec Veritas Netbackup Netware Media Servers 5.0

  • Symantec Veritas Netbackup Netware Media Servers 5.0 Mp1

  • Symantec Veritas Netbackup Netware Media Servers 5.0 Mp2

  • Symantec Veritas Netbackup Netware Media Servers 5.0 Mp3

  • Symantec Veritas Netbackup Netware Media Servers 5.0 Mp4

  • Symantec Veritas Netbackup Netware Media Servers 5.0 Mp5

  • Symantec Veritas Netbackup Netware Media Servers 5.1

  • Symantec Veritas Netbackup Netware Media Servers 5.1 Mp1

  • Symantec Veritas Netbackup Netware Media Servers 5.1 Mp2

  • Symantec Veritas Netbackup Netware Media Servers 5.1 Mp3


References

CERT-VN - VU#378957

CERT - TA05-224A

XF - backupexec-ndmp-gain-access(21793)

SECTRACK - 1014662

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html

SECUNIA - 16403

VUPEN - ADV-2005-1387

BID - 14551


Last Updated: 27 May 2016 10:40:34