OSVDB ID: 36111

Title: Symantec Backup Exec for Windows RPC Crafted ncacn_ip_tcp Request Remote Overflow

Dates

Disclosure: Jul 11, 2007
Discovery: Unknown
Exploit: Unknown
Solution: Jul 11, 2007

Description

A remote overflow exists in Backup Exec for Windows. The RPC server fails to properly verify boundaries, resulting in a heap-based overflow. With a specially crafted request, an attacker can cause a denial of service, and possibly execute arbitrary code, resulting in a loss of availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Private, Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released patches to address this vulnerability.

Products

Symantec Corporation

Backup Exec for Windows Servers

10.0.5484
10.0.5520
10.1.5629
11.0.6235
11.0.7170

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/36111