Symantec Veritas Backup Exec vulnerabilities
11 known vulnerabilities affecting symantec_veritas/backup_exec.
Total CVEs
11
CISA KEV
0
Public exploits
4
Exploited in wild
2
Severity breakdown
CRITICAL3HIGH4MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2005-0773P1HIGHCVSS 7.5ExploitedPoCv9.0.4019v9.0.4170+20 more2005-06-18
CVE-2005-0773 [HIGH] CVE-2005-0773: Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.
Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument.
nvd
CVE-2005-2611P1CRITICALCVSS 10.0ExploitedPoCvnetware_servers_9.0.4019vnetware_servers_9.0.4170+25 more2005-08-17
CVE-2005-2611 [CRITICAL] CVE-2005-2611: VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
nvd
CVE-2004-1172P2CRITICALCVSS 10.0PoCv8.0v8.5+3 more2005-01-10
CVE-2004-1172 [CRITICAL] CVE-2004-1172: Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
nvd
CVE-2005-0771P2CRITICALCVSS 10.0PoCv9.0_rev.4367v9.0_rev.4454+2 more2005-06-23
CVE-2005-0771 [CRITICAL] CVE-2005-0771: VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
nvd
CVE-2005-2079P3HIGHCVSS 7.5v9.0_rev.4367v9.0_rev.4454+2 more2005-08-02
CVE-2005-2079 [HIGH] CVE-2005-2079: Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 fo
Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code.
nvd
CVE-2005-2051P4HIGHCVSS 7.5v9.0v9.0_rev.4367+5 more2005-06-28
CVE-2005-2051 [HIGH] CVE-2005-2051: Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0
Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code.
nvd
CVE-2006-4128P4MEDIUMCVSS 6.5v9.1v9.1_build9.1.4691+11 more2006-08-14
CVE-2006-4128 [MEDIUM] CVE-2006-4128: Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent
Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agen
nvd
CVE-2005-2080P4HIGHCVSS 7.5v9.0v9.0.4019+15 more2005-06-29
CVE-2005-2080 [HIGH] CVE-2005-2080: Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through
Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server.
nvd
CVE-2006-1298P4MEDIUMCVSS 4.6v9.1v10.02006-03-19
CVE-2006-1298 [MEDIUM] CVE-2006-1298: Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas B
Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691, when the job log mode is Full Detailed (aka Full Details), al
nvd
CVE-2006-1297P4MEDIUMCVSS 5.0vnetware_server_9.1vnetware_server_9.22006-03-19
CVE-2006-1297 [MEDIUM] CVE-2006-1297: Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, f
Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service (application crash or unavailability) due to "memory errors."
nvd
CVE-2002-1117P4MEDIUMCVSS 5.0≤ 8.52002-10-04
CVE-2002-1117 [MEDIUM] CVE-2002-1117: Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft
Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.
nvd