CVE-2006-0989 - Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Serve

CVE-2006-0989

Summary

Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.

References

Vulnerable Configurations

cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*
cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*

CVSS

Base:	9.0 (as of 18-10-2018 - 16:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bid	17264
bugtraq	20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow
cert-vn	VU#880801
confirm	http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html http://seer.support.veritas.com/docs/281521.htm
misc	http://www.zerodayinitiative.com/advisories/ZDI-06-005.html
osvdb	24172
sectrack	1015832
sreason	639
vupen	ADV-2006-1124
xf	netbackup-vmd-sscanf-bo(25471)

saint via4

bid 17264
description VERITAS NetBackup VMD argument parsing vulnerability
id misc_netbackupvmbo
osvdb 24172
title netbackup_vmd_arg
type remote
bid 17264
description VERITAS NetBackup vnetd bpspsserver buffer overflow
id misc_netbackupvmbo
osvdb 24170
title netbackup_bpspsserver
type remote

Last major update

18-10-2018 - 16:30

Published

28-03-2006 - 00:06

Last modified

18-10-2018 - 16:30