CVE-2006-0990 - Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise

CVE-2006-0990

Summary

Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.

References

Vulnerable Configurations

cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*

CVSS

Base:	9.0 (as of 18-10-2018 - 16:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bid	17264
bugtraq	20060327 SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons 20060327 ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow
cert-vn	VU#744137
confirm	http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://seer.support.veritas.com/docs/281521.htm
misc	http://www.zerodayinitiative.com/advisories/ZDI-06-006.html
sectrack	1015832
secunia	19417
sreason	642
vupen	ADV-2006-1124
xf	netbackup-bpdbm-sprintf-bo(25472)

saint via4

bid 17264
description VERITAS NetBackup VMD argument parsing vulnerability
id misc_netbackupvmbo
osvdb 24172
title netbackup_vmd_arg
type remote
bid 17264
description VERITAS NetBackup vnetd bpspsserver buffer overflow
id misc_netbackupvmbo
osvdb 24170
title netbackup_bpspsserver
type remote

Last major update

18-10-2018 - 16:30

Published

28-03-2006 - 00:06

Last modified

18-10-2018 - 16:30