All three flaws are remotely exploitable, the security and storage vendor reported. Of the vulnerabilities, two are buffer overflow bugs reported to Symantec by TippingPoint, a division of 3Com.
The overflows appear in one of the daemons run on Symantec Veritas NetBackup Enterprise Servers and NetBackup Server and client systems, as well as on Storage Migrator for Unix if that option is installed.
"If an attacker used this vulnerability and connected to your Veritas backup server, they would be able to compromise and run coded exploits," Tod Beardsley, lead counter-fraud engineer for TippingPoint, told SC Magazine.com
"That generally means uploading shell code, installing backdoors and all of that good stuff. And, incidentally, since it is a backup server, it has access to all of your backup information."
IBM Internet Security Systems (ISS) reported the third flaw, which was a programming logic error in incoming system commands handling. According to Symantec, a remote attacker with access to the system can append commands to a valid command to run whatever they like on the system.
"This vulnerability can be exploited remotely with no user interaction, allowing attackers to obtain control of affected machines up to administrative privileges," said Peter Allor, director of intelligence for IBM ISS. "Not all enterprises securely deploy Veritas NetBackup, so since it is widely used in enterprise environments, we are urging companies to take immediate action to resolve this issue."
With the announcement yesterday, Symantec released patches to fix the problem. The company also reported that it recently conducted a "focused, internal review" of NetBackup, which found several other security concerns the company is working to fix.
"Symantec engineers identified additional areas that could present potential security concerns," the company reported.
"Symantec engineers were already in the process of preparing and testing updates for these issues and have accelerated relevant updates into the referenced Maintenance Pack releases to aid in addressing these issues."
Click here to email Ericka Chickowski.
Symantec patches Veritas flaw trio
By Ericka Chickowski on Dec 15, 2006 9:47AM