Vulnerability-Lookup

CVE-2006-0989 (GCVE-0-2006-0989)

Vulnerability from cvelistv5 – Published: 2006-03-28 00:00 – Updated: 2024-08-07 16:56

Summary

Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1015832	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/17264	vdb-entryx_refsource_BID
	http://seer.support.veritas.com/docs/281521.htm	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/1124	vdb-entryx_refsource_VUPEN
	http://securityresponse.symantec.com/avcenter/sec…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/880801	third-party-advisoryx_refsource_CERT-VN
	http://www.osvdb.org/24172	vdb-entryx_refsource_OSVDB
	http://www.zerodayinitiative.com/advisories/ZDI-0…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/428944/100…	mailing-listx_refsource_BUGTRAQ
	http://securityreason.com/securityalert/639	third-party-advisoryx_refsource_SREASON
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:56:15.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015832",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015832"
          },
          {
            "name": "17264",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17264"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://seer.support.veritas.com/docs/281521.htm"
          },
          {
            "name": "ADV-2006-1124",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1124"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
          },
          {
            "name": "VU#880801",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/880801"
          },
          {
            "name": "24172",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/24172"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
          },
          {
            "name": "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
          },
          {
            "name": "639",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/639"
          },
          {
            "name": "netbackup-vmd-sscanf-bo(25471)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015832",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015832"
        },
        {
          "name": "17264",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17264"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://seer.support.veritas.com/docs/281521.htm"
        },
        {
          "name": "ADV-2006-1124",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1124"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
        },
        {
          "name": "VU#880801",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/880801"
        },
        {
          "name": "24172",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/24172"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
        },
        {
          "name": "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
        },
        {
          "name": "639",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/639"
        },
        {
          "name": "netbackup-vmd-sscanf-bo(25471)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0989",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015832",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015832"
            },
            {
              "name": "17264",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17264"
            },
            {
              "name": "http://seer.support.veritas.com/docs/281521.htm",
              "refsource": "CONFIRM",
              "url": "http://seer.support.veritas.com/docs/281521.htm"
            },
            {
              "name": "ADV-2006-1124",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1124"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
            },
            {
              "name": "VU#880801",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/880801"
            },
            {
              "name": "24172",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/24172"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
            },
            {
              "name": "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
            },
            {
              "name": "639",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/639"
            },
            {
              "name": "netbackup-vmd-sscanf-bo(25471)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0989",
    "datePublished": "2006-03-28T00:00:00",
    "dateReserved": "2006-03-03T00:00:00",
    "dateUpdated": "2024-08-07T16:56:15.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*\", \"matchCriteriaId\": \"74DFFDE3-533A-4F35-949A-C85CBFCD7C87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*\", \"matchCriteriaId\": \"F7B2572C-C560-4D7F-8824-A04DA07583FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*\", \"matchCriteriaId\": \"BCA898F1-6E9A-41DE-ABB3-4006D16CF315\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*\", \"matchCriteriaId\": \"6F18487E-ADA8-4362-9F50-73568716825A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*\", \"matchCriteriaId\": \"E3592CA8-4F02-421D-B373-A859231A447E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*\", \"matchCriteriaId\": \"790282C3-9148-4D78-95ED-058D2166EB92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*\", \"matchCriteriaId\": \"D6AD552C-8462-4B56-865C-7858A1892E58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*\", \"matchCriteriaId\": \"F570650A-8E21-4F66-B4D2-447FBB8EA9D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*\", \"matchCriteriaId\": \"BE706E94-7808-4C59-A17D-0E300D5E939D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*\", \"matchCriteriaId\": \"2B52E958-2728-48C8-ACBC-CED68045A9FC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.\"}]",
      "id": "CVE-2006-0989",
      "lastModified": "2024-11-21T00:07:47.837",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-03-28T00:06:00.000",
      "references": "[{\"url\": \"http://securityreason.com/securityalert/639\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1015832\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://seer.support.veritas.com/docs/281521.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/880801\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/24172\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/428944/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/17264\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/1124\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-06-005.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/25471\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityreason.com/securityalert/639\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015832\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://seer.support.veritas.com/docs/281521.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/880801\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/24172\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/428944/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/17264\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/1124\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-06-005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/25471\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0989\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-03-28T00:06:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*\",\"matchCriteriaId\":\"74DFFDE3-533A-4F35-949A-C85CBFCD7C87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*\",\"matchCriteriaId\":\"F7B2572C-C560-4D7F-8824-A04DA07583FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*\",\"matchCriteriaId\":\"BCA898F1-6E9A-41DE-ABB3-4006D16CF315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*\",\"matchCriteriaId\":\"6F18487E-ADA8-4362-9F50-73568716825A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*\",\"matchCriteriaId\":\"E3592CA8-4F02-421D-B373-A859231A447E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*\",\"matchCriteriaId\":\"790282C3-9148-4D78-95ED-058D2166EB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*\",\"matchCriteriaId\":\"D6AD552C-8462-4B56-865C-7858A1892E58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*\",\"matchCriteriaId\":\"F570650A-8E21-4F66-B4D2-447FBB8EA9D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*\",\"matchCriteriaId\":\"BE706E94-7808-4C59-A17D-0E300D5E939D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*\",\"matchCriteriaId\":\"2B52E958-2728-48C8-ACBC-CED68045A9FC\"}]}]}],\"references\":[{\"url\":\"http://securityreason.com/securityalert/639\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015832\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seer.support.veritas.com/docs/281521.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/880801\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/24172\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/428944/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/17264\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1124\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-06-005.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25471\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/639\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015832\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seer.support.veritas.com/docs/281521.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/880801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/24172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/428944/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/17264\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/1124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-06-005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/25471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2006-0989

Vulnerability from fkie_nvd - Published: 2006-03-28 00:06 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://securityreason.com/securityalert/639
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html
cve@mitre.org	http://securitytracker.com/id?1015832
cve@mitre.org	http://seer.support.veritas.com/docs/281521.htm	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/880801	US Government Resource
cve@mitre.org	http://www.osvdb.org/24172
cve@mitre.org	http://www.securityfocus.com/archive/1/428944/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/17264
cve@mitre.org	http://www.vupen.com/english/advisories/2006/1124
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-06-005.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/25471
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/639
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015832
af854a3a-2127-422b-91ae-364da2661108	http://seer.support.veritas.com/docs/281521.htm	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/880801	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/24172
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/428944/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/17264
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/1124
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-06-005.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/25471

Impacted products

Vendor	Product	Version
veritas	netbackup	4.5.0
veritas	netbackup	4.5.0
veritas	netbackup	4.5.0
veritas	netbackup	4.5.0
veritas	netbackup	5.0
veritas	netbackup	5.0
veritas	netbackup	5.1
veritas	netbackup	5.1
veritas	netbackup	6.0
veritas	netbackup	6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*",
              "matchCriteriaId": "74DFFDE3-533A-4F35-949A-C85CBFCD7C87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*",
              "matchCriteriaId": "F7B2572C-C560-4D7F-8824-A04DA07583FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*",
              "matchCriteriaId": "BCA898F1-6E9A-41DE-ABB3-4006D16CF315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*",
              "matchCriteriaId": "6F18487E-ADA8-4362-9F50-73568716825A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E3592CA8-4F02-421D-B373-A859231A447E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "790282C3-9148-4D78-95ED-058D2166EB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D6AD552C-8462-4B56-865C-7858A1892E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*",
              "matchCriteriaId": "F570650A-8E21-4F66-B4D2-447FBB8EA9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "BE706E94-7808-4C59-A17D-0E300D5E939D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "2B52E958-2728-48C8-ACBC-CED68045A9FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
    }
  ],
  "id": "CVE-2006-0989",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-03-28T00:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/639"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015832"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://seer.support.veritas.com/docs/281521.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/880801"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/24172"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/17264"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/1124"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://seer.support.veritas.com/docs/281521.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/880801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/24172"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2006-0989

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-0989

Aliases

CVE-2006-0989

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-0989",
    "description": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.",
    "id": "GSD-2006-0989"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0989"
      ],
      "details": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.",
      "id": "GSD-2006-0989",
      "modified": "2023-12-13T01:19:51.034286Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-0989",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1015832",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015832"
          },
          {
            "name": "17264",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/17264"
          },
          {
            "name": "http://seer.support.veritas.com/docs/281521.htm",
            "refsource": "CONFIRM",
            "url": "http://seer.support.veritas.com/docs/281521.htm"
          },
          {
            "name": "ADV-2006-1124",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/1124"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
          },
          {
            "name": "VU#880801",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/880801"
          },
          {
            "name": "24172",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/24172"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
          },
          {
            "name": "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
          },
          {
            "name": "639",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/639"
          },
          {
            "name": "netbackup-vmd-sscanf-bo(25471)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:4.5.0:fp:businessserver:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:4.5.0:fp:datacenter:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:6.0:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:6.0:*:server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:4.5.0:mp:businessserver:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:4.5.0:mp:datacenter:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:5.0:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:5.0:*:server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:5.1:*:enterprise_server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:veritas:netbackup:5.1:*:server:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0989"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
            },
            {
              "name": "http://seer.support.veritas.com/docs/281521.htm",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://seer.support.veritas.com/docs/281521.htm"
            },
            {
              "name": "VU#880801",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/880801"
            },
            {
              "name": "17264",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/17264"
            },
            {
              "name": "24172",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/24172"
            },
            {
              "name": "1015832",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015832"
            },
            {
              "name": "639",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/639"
            },
            {
              "name": "ADV-2006-1124",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/1124"
            },
            {
              "name": "netbackup-vmd-sscanf-bo(25471)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
            },
            {
              "name": "20060327 ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-18T16:30Z",
      "publishedDate": "2006-03-28T00:06Z"
    }
  }
}

CERTA-2006-AVI-128

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités se trouvent dans les produits Veritas NetBackup. Celles-ci peuvent être utilisées par un utilisateur malveillant dans le but d'accéder à distance au système.

Description

Plusieurs vulnérabilités de type débordement de mémoire ont été trouvées dans l'ensemble des produits de stockage et d'archivage Veritas NetBackup. Elles concernent trois services communs à une grande majorité des produits, à savoir : vmd, bpdbm et bpspsserver. Un utilisateur malveillant peut envoyer des paquets utilisant ses vulnérabilités, afin de gagner accès au système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions Symantec NetBackup affectées sont :

NetBackup Enterprise (client et serveur) 6.0
NetBackup Enterprise (client et serveur) 5.1
NetBackup Enterprise (client et serveur) 5.0
NetBackup (client et serveur) 6.0
NetBackup (client et serveur) 5.1
NetBackup (client et serveur) 5.0
NetBackup DataCenter et BusinesServer (client et serveur) 4.5FP
NetBackup DataCenter et BusinesServer (client et serveur) 4.5MP

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de Sécurité Symantec	None	vendor-advisory
Bulletin de sécurité SYM06-006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eLes versions Symantec NetBackup affect\u00e9es sont :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003eNetBackup Enterprise (client et serveur) 6.0\u003c/LI\u003e    \u003cLI\u003eNetBackup Enterprise (client et serveur) 5.1\u003c/LI\u003e    \u003cLI\u003eNetBackup Enterprise (client et serveur) 5.0\u003c/LI\u003e    \u003cLI\u003eNetBackup (client et serveur) 6.0\u003c/LI\u003e    \u003cLI\u003eNetBackup (client et serveur) 5.1\u003c/LI\u003e    \u003cLI\u003eNetBackup (client et serveur) 5.0\u003c/LI\u003e    \u003cLI\u003eNetBackup DataCenter et BusinesServer (client et serveur)    4.5FP\u003c/LI\u003e    \u003cLI\u003eNetBackup DataCenter et BusinesServer (client et serveur)    4.5MP\u003c/LI\u003e  \u003c/UL\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de type d\u00e9bordement de m\u00e9moire ont \u00e9t\u00e9 trouv\u00e9es\ndans l\u0027ensemble des produits de stockage et d\u0027archivage Veritas\nNetBackup. Elles concernent trois services communs \u00e0 une grande majorit\u00e9\ndes produits, \u00e0 savoir : vmd, bpdbm et bpspsserver. Un utilisateur\nmalveillant peut envoyer des paquets utilisant ses vuln\u00e9rabilit\u00e9s, afin\nde gagner acc\u00e8s au syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-0991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0991"
    },
    {
      "name": "CVE-2006-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0989"
    },
    {
      "name": "CVE-2006-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0990"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SYM06-006 :",
      "url": "http://seer.support.veritas.com/docs/281521.htm"
    }
  ],
  "reference": "CERTA-2006-AVI-128",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-03-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s se trouvent dans les produits Veritas\nNetBackup. Celles-ci peuvent \u00eatre utilis\u00e9es par un utilisateur\nmalveillant dans le but d\u0027acc\u00e9der \u00e0 distance au syst\u00e8me.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de Symantec Veritas NetBackup",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de S\u00e9curit\u00e9 Symantec",
      "url": null
    }
  ]
}

CERTA-2006-AVI-128

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités se trouvent dans les produits Veritas NetBackup. Celles-ci peuvent être utilisées par un utilisateur malveillant dans le but d'accéder à distance au système.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions Symantec NetBackup affectées sont :

NetBackup Enterprise (client et serveur) 6.0
NetBackup Enterprise (client et serveur) 5.1
NetBackup Enterprise (client et serveur) 5.0
NetBackup (client et serveur) 6.0
NetBackup (client et serveur) 5.1
NetBackup (client et serveur) 5.0
NetBackup DataCenter et BusinesServer (client et serveur) 4.5FP
NetBackup DataCenter et BusinesServer (client et serveur) 4.5MP

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de Sécurité Symantec	None	vendor-advisory
Bulletin de sécurité SYM06-006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eLes versions Symantec NetBackup affect\u00e9es sont :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003eNetBackup Enterprise (client et serveur) 6.0\u003c/LI\u003e    \u003cLI\u003eNetBackup Enterprise (client et serveur) 5.1\u003c/LI\u003e    \u003cLI\u003eNetBackup Enterprise (client et serveur) 5.0\u003c/LI\u003e    \u003cLI\u003eNetBackup (client et serveur) 6.0\u003c/LI\u003e    \u003cLI\u003eNetBackup (client et serveur) 5.1\u003c/LI\u003e    \u003cLI\u003eNetBackup (client et serveur) 5.0\u003c/LI\u003e    \u003cLI\u003eNetBackup DataCenter et BusinesServer (client et serveur)    4.5FP\u003c/LI\u003e    \u003cLI\u003eNetBackup DataCenter et BusinesServer (client et serveur)    4.5MP\u003c/LI\u003e  \u003c/UL\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de type d\u00e9bordement de m\u00e9moire ont \u00e9t\u00e9 trouv\u00e9es\ndans l\u0027ensemble des produits de stockage et d\u0027archivage Veritas\nNetBackup. Elles concernent trois services communs \u00e0 une grande majorit\u00e9\ndes produits, \u00e0 savoir : vmd, bpdbm et bpspsserver. Un utilisateur\nmalveillant peut envoyer des paquets utilisant ses vuln\u00e9rabilit\u00e9s, afin\nde gagner acc\u00e8s au syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-0991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0991"
    },
    {
      "name": "CVE-2006-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0989"
    },
    {
      "name": "CVE-2006-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-0990"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SYM06-006 :",
      "url": "http://seer.support.veritas.com/docs/281521.htm"
    }
  ],
  "reference": "CERTA-2006-AVI-128",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-03-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s se trouvent dans les produits Veritas\nNetBackup. Celles-ci peuvent \u00eatre utilis\u00e9es par un utilisateur\nmalveillant dans le but d\u0027acc\u00e9der \u00e0 distance au syst\u00e8me.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de Symantec Veritas NetBackup",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de S\u00e9curit\u00e9 Symantec",
      "url": null
    }
  ]
}

GHSA-XHXP-35F2-8G78

Vulnerability from github – Published: 2022-05-01 06:44 – Updated: 2022-05-01 06:44

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-0989"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-03-28T00:06:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.",
  "id": "GHSA-xhxp-35f2-8g78",
  "modified": "2022-05-01T06:44:43Z",
  "published": "2022-05-01T06:44:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0989"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25471"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/639"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.27.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015832"
    },
    {
      "type": "WEB",
      "url": "http://seer.support.veritas.com/docs/281521.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/880801"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/24172"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/428944/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/17264"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/1124"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-005.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-0989 (GCVE-0-2006-0989)

FKIE_CVE-2006-0989

GSD-2006-0989

CERTA-2006-AVI-128

Description

Solution

CERTA-2006-AVI-128

Description

Solution

GHSA-XHXP-35F2-8G78

Tags

Sightings

Nomenclature