Vulnerabilities > Symantec Veritas
|2008-02-21||CVE-2007-4516|| Improper Input Validation vulnerability in Symantec Veritas Storage Foundation 5.0 |
The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets.
| 4.3 |
|2006-08-18||CVE-2006-4228|| Authentication Bypass vulnerability in Symantec Veritas Netbackup Puredisk Remote Office Edition 6.0 |
Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before MP1 20060816 allows remote attackers to bypass authentication and gain privileges via unknown attack vectors in the management interface.
| 9.0 |
|2006-08-14||CVE-2006-4128|| Heap Overflow vulnerability in Symantec Backup Exec |
Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message.
| 6.5 |
|2006-03-19||CVE-2006-1298|| Remote Format String vulnerability in Veritas Backup Exec Media Server BEngine Service Job Log |
Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev.
| 4.6 |
|2006-03-19||CVE-2006-1297|| Remote Denial of Service vulnerability in Symantec Veritas Backup Exec and Backup Exec Remote Agent |
Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service (application crash or unavailability) due to "memory errors."
| 5.0 |
|2005-11-18||CVE-2005-3116|| Buffer Overflow vulnerability in VERITAS NetBackup Volume Manager Daemon |
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.
| 10.0 |
|2005-11-16||CVE-2005-3566|| Local Buffer Overflow vulnerability in VERITAS Cluster Server for UNIX |
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
| 4.3 |
|2005-10-12||CVE-2005-2715|| Remote Format String vulnerability in Symantec Veritas products |
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
| 10.0 |
|2005-09-20||CVE-2005-2996|| Unspecified vulnerability in Symantec Veritas Storage Exec and Storagecentral |
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
| 7.5 |
|2005-08-17||CVE-2005-2611|| Unspecified vulnerability in Symantec Veritas Backup Exec, Backup Exec Remote Agent and Netbackup |
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
| 10.0 |