Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3116

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-3116
Last Modified 07 Mar 2011 09:25:50
Published 18 Nov 2005 01:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3116

Summary

Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.

Vulnerable Systems

Application

  • Symantec Veritas Netbackup 5.0 With Mp1

  • Symantec Veritas Netbackup 5.0 With Mp2

  • Symantec Veritas Netbackup 5.0 With Mp3

  • Symantec Veritas Netbackup 5.0 With Mp4

  • Symantec Veritas Netbackup 5.0 With Mp5

  • Symantec Veritas Netbackup 5.1 With Mp1

  • Symantec Veritas Netbackup 5.1 With Mp2

  • Symantec Veritas Netbackup 5.1 With Mp3a

  • Symantec Veritas Netbackup 5.1 Without Mp


References

CERT-VN - VU#574662

XF - netbackup-vmd-bo(22985)

BID - 15353

OSVDB - 20674

IDEFENSE - 20051110 Stack Overflow in Veritas Netbackup Enterprise Server

CONFIRM - http://seer.support.veritas.com/docs/279553.htm

SECTRACK - 1015170

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08b.html

SECUNIA - 17503

VUPEN - ADV-2005-2349

BUGTRAQ - 20060117 Re: Veritas NetBackup "Volume Manager Daemon" Module Stack Overflow - Exploit

BUGTRAQ - 20060115 Veritas NetBackup "Volume Manager Daemon" Module Stack Overflow - Exploit


Last Updated: 27 May 2016 10:40:48