VERITAS NetBackup vnetd bpspsserver buffer overflow

Added: 04/14/2006
CVE: CVE-2006-0991
BID: 17264
OSVDB: 24170

Background

VERITAS NetBackup is a backup and recovery solution for multiple platforms.

Problem

A buffer overflow in bpspsserver allows a remote attacker to execute arbitrary commands by sending a specially crafted Request Service message to the vnetd service.

Resolution

Apply the update referenced in Symantec Advisory SYM06-006.

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1641.html

Limitations

Exploit works on VERITAS NetBackup 6.0.

Platforms

Windows XP

Back to exploit index