Veritas NetBackup bpjava-msvc Remote Format String Exploit (Linux)

Posted by tadelste on Oct 20, 2005 7:52 AM EDT
K-OTik DĂ©cideurs
Mail this story
Print this story

A vulnerability has been identified in VERITAS NetBackup servers and clients, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a format string error in the Java authentication service "bpjava-msvc" that does not properly handle a specially crafted "COMMAND_LOGON_TO_MSERVER" command (port 13722), which could be exploited by remote attackers to execute arbitrary commands with root/SYSTEM privileges.

Full Story

  Nav
» Read more about: Story Type: Security; Groups: Community

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.