Family: Windows --> Category: infos
Symantec Backup Exec Multiple Heap Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for version of Symantec Backup Exec
Detailed Explanation for this Vulnerability Test
The remote Windows host has an application that is susceptible to
multiple heap overflow attacks.
The Windows remote host contains Backup Exec for Windows Server /
Backup Exec Continuous Protection Server, a commercial backup product.
The version of the software installed on the remote host reportedly
contains several heap overflows involving specially-crafted calls to
its RPC interfaces. Exploitation of these issues may allow a remote
attacker with authorized but non-privileged access to crash the
affected application and possibly to execute arbitrary code and gain
elevated rights on the affected host.
See also :
Apply the appropriate hotfix as listed in the vendor advisory
Medium / CVSS Base Score : 4.2
Click HERE for more information and discussions on this network vulnerability scan.