VERITAS NetBackup Volume Manager Daemon buffer overflow

Added: 12/04/2005
CVE: CVE-2005-3116
BID: 15353
OSVDB: 20674

Background

VERITAS NetBackup is a backup and recovery solution for multiple platforms.

Problem

The Volume Manager Daemon (VMD) has an error in its shared library allowing for a buffer overflow. A specially crafted request sent to port 13701/tcp on a NetBackup server or client could result in command execution with root or system privileges.

Resolution

Apply the patch referenced in Symantec advisory 05-024.

References

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336&type=vulnerabilities

Limitations

Exploit works on VERITAS NetBackup Server 5.1. Due to small buffer size, the target must be able to connect back to the attack host to retrieve the shell code.

Platforms

Windows

Back to exploit index