ID CVE-2006-0990
Summary Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*
    cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*
CVSS
Base: 9.0 (as of 18-10-2018 - 16:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 17264
bugtraq
  • 20060327 SYM06-006, Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons
  • 20060327 ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow
cert-vn VU#744137
confirm
misc http://www.zerodayinitiative.com/advisories/ZDI-06-006.html
sectrack 1015832
secunia 19417
sreason 642
vupen ADV-2006-1124
xf netbackup-bpdbm-sprintf-bo(25472)
saint via4
  • bid 17264
    description VERITAS NetBackup vnetd bpspsserver buffer overflow
    id misc_netbackupvmbo
    osvdb 24170
    title netbackup_bpspsserver
    type remote
  • bid 17264
    description VERITAS NetBackup VMD argument parsing vulnerability
    id misc_netbackupvmbo
    osvdb 24172
    title netbackup_vmd_arg
    type remote
Last major update 18-10-2018 - 16:30
Published 28-03-2006 - 00:06
Last modified 18-10-2018 - 16:30
Back to Top