ID CVE-2005-2611
Summary VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4019:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4019:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4170:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4170:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4172:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4172:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4174:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4174:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4202:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4202:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.306:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.306:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.307:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.307:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1067_.2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1067_.2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1067_.3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1067_.3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1127_.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1127_.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1151_.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1151_.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1152:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1152:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1152_.4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1152_.4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1154:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1154:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1156:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1156:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_8.6:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4367:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4367:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4367_sp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4367_sp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4454:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4454:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4454_sp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4454_sp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1_rev._4691:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1_rev._4691:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1_rev._4691_sp2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1_rev._4691_sp2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5484:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5484:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5484_sp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5484_sp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5520:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5520:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:netware_server:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:netware_server:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:unix_linux_server:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:unix_linux_server:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:windows_server:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:windows_server:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp6:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp6:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp7:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp7:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp8:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp8:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp6:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp6:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp7:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp7:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp8:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp8:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp3:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp4:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp4:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp1:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp2:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp2:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp3:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp3:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 11-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 14551
cert TA05-224A
cert-vn VU#378957
confirm http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html
sectrack 1014662
secunia 16403
vupen ADV-2005-1387
xf backupexec-ndmp-gain-access(21793)
Last major update 11-07-2017 - 01:32
Published 17-08-2005 - 04:00
Last modified 11-07-2017 - 01:32
Back to Top