Vulnerabilities > CVE-2004-1389 - Privilege Escalation vulnerability in Veritas NetBackup

CVSS 6.0 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

high complexity

veritas

exploit available

metasploit

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.

Vulnerable Configurations

Part	Description	Count
Application	Veritas Veritas Netbackup 3.4.0 Veritas Netbackup 3.4.1 Veritas Netbackup 4.5.0 Veritas Netbackup 5.0 Veritas Netbackup 5.1	9

Exploit-Db

description	Veritas NetBackup Remote Command Execution. CVE-2004-1389. Remote exploits for multiple platform
id	EDB-ID:9941
last seen	2016-02-01
modified	2004-10-21
published	2004-10-21
reporter	patrick
source	https://www.exploit-db.com/download/9941/
title	Veritas NetBackup - Remote Command Execution

description	VERITAS NetBackup Remote Command Execution. CVE-2004-1389. Remote exploits for multiple platform
id	EDB-ID:16290
last seen	2016-02-01
modified	2010-10-09
published	2010-10-09
reporter	metasploit
source	https://www.exploit-db.com/download/16290/
title	VERITAS NetBackup Remote Command Execution

Metasploit

description	This module allows arbitrary command execution on an ephemeral port opened by Veritas NetBackup, whilst an administrator is authenticated. The port is opened and allows direct console access as root or SYSTEM from any source address.
id	MSF:EXPLOIT/MULTI/MISC/VERITAS_NETBACKUP_CMDEXEC
last seen	2020-05-22
modified	2017-11-08
published	2008-11-13
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1389
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb
title	VERITAS NetBackup Remote Command Execution

Packetstorm

data source	https://packetstormsecurity.com/files/download/82267/veritas_netbackup_cmdexec.rb.txt
id	PACKETSTORM:82267
last seen	2016-12-05
published	2009-10-27
reporter	patrick
source	https://packetstormsecurity.com/files/82267/VERITAS-NetBackup-Remote-Command-Execution.html
title	VERITAS NetBackup Remote Command Execution

Summary

Vulnerable Configurations

Exploit-Db

Metasploit

Packetstorm

References