US-CERT warns of Veritas flaw

By

The U.S. Computer Emergency Readiness Team (US-CERT) has issued an alert about a flaw in a Veritas Software data backup product, which it says is being actively exploited.

The Veritas Backup Exec Remote Agent for Windows contains a buffer overflow that can allow an attacker to take over a system, according to US-CERT.


The agent is installed on systems that are slated for back up and listens on TCP port 10000 for messages that a backup should happen, but the software fails to properly validate incoming packets. A specially crafted message can then trigger a buffer overflow.

Exploit code for the flaw is publicly available and US-CERT said it has received legitimate reports that the vulnerability is being actively exploited. Also, it has seen increasing scanning activity on port 10000/tcp, indicating that attackers are trying to find systems running the flawed software.

US-CERT advised installing the patches Veritas has issued for the vulnerable software, and using firewalls to limit connectivity so that only backup servers can connect to the sytems being backed up.

www.us-cert.gov

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident

Log In

  |  Forgot your password?