|
Family: Gain root remotely --> Category: attack
VERITAS Backup Exec Agent Registry Access Vulnerability Vulnerability Scan
Vulnerability Scan Summary Test the VERITAS Backup Exec Agent Registry Access
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host.
Description :
The remote host is running a version of VERITAS Backup Exec for
Windows which is vulnerable to a remote registry access. A possible hacker
may exploit this flaw to modify the remote registry and gain a full
access to the system.
To exploit this flaw, a possible hacker would need to send requests to the
RPC service listening on port 6106.
The patch for this vulnerability fix others remote flaw (buffer overflows)
that may allow a possible hacker to execute code on the remote host with SYSTEM
rights.
Solution :
http://seer.support.veritas.com/docs/276605.htm
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|