Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2715

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-2715
Last Modified 05 Sep 2008 04:52:30
Published 12 Oct 2005 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2715

Summary

Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.

Vulnerable Systems

Application

  • Symantec Veritas Netbackup Data And Business Center 4.5fp

  • Symantec Veritas Netbackup Data And Business Center 4.5mp

  • Symantec Veritas Netbackup Enterprise Server Client 5.0

  • Symantec Veritas Netbackup Enterprise Server Client 5.1

  • Symantec Veritas Netbackup Enterprise Server Client 6.0


References

CERT-VN - VU#495556

CONFIRM - http://www.symantec.com/avcenter/security/Content/2005.10.12.html

BID - 15079

SUNALERT - 102054

CONFIRM - http://seer.support.veritas.com/docs/279085.htm

SECTRACK - 1015028

SECUNIA - 17181

MISC - http://www.zerodayinitiative.com/advisories/ZDI-05-001.html


Last Updated: 27 May 2016 10:40:37