Symantec Backup Exec Flaw Could Invite Data Theft

Symantec on Friday published details of a vulnerability in its Backup Exec storage solution that could enable a remote attacker to gain full control over a machine and access confidential

August 11, 2006

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Symantec on Friday published details of a vulnerability in its Backup Exec storage solution that could enable a remote attacker to gain full control over a machine and access confidential data stored on corporate networks.

Symantec confirmed that the issue affects versions 9.1 and 9.2 of Symantec Backup Exec for NetWare Servers with Remote Agent for Windows Servers.

Cupertino, Calif.-based Symantec has released fixes for the NetWare issues and is looking into reports that the flaw also affects Backup Exec for Windows Servers, Backup Exec Continuous Protection Server (CPS) Remote Agent and other Backup Exec Remote Agents, according to a DeepSight Threat Management system bulletin.

The vulnerability affects the remote procedure call (RPC) interfaces of Backup Exec and could enable a remote attacker to send malicious code to the application and potentially gain complete control over the targeted machine. Even if the efforts were unsuccessful, the calls could result in a denial-of-service attack on the targeted system, Symantec said.

The RPC protocol, which allows an application running on one PC to execute a subroutine on another computer, was used by the 2003 Blaster worm to shut down Windows PCs without any user interaction.Ron Gula, CTO at Tenable Network Security, Columbia, Md., said the flaw's impact is limited somewhat by the fact that Backup Exec is usually installed on the internal network and isn't accessible from the Internet.

"However, this is where companies are putting all their critical data, so the last thing they want is to have a vulnerability there," Gula said.

Once attackers gain entry to the network, they can move around at will and access sensitive information, Gula added. "The real danger of this is that it could enable data theft and corporate espionage," he said.

Symantec's DeepSight Threat Management system rated the severity of the flaw as a 10 on a scale of 10.

Last August, Symantec patched a vulnerability in Backup Exec for Windows and NetWare servers that enabled attackers to manipulate a password in the authentication process between the server and the agent, giving them access to files stored on the server. A public exploit for that flaw was released on the Metasploit framework.0

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events