Vulnerabilities > Veritas

DATE CVE VULNERABILITY TITLE RISK
2016-05-07 CVE-2015-6551 Information Exposure vulnerability in Veritas Netbackup and Netbackup Appliance
Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU server, which allows remote attackers to obtain sensitive information by sniffing the network for key-exchange packets.
network
high complexity
veritas CWE-200
5.9
2016-05-07 CVE-2015-6550 Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance
bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary commands via crafted input.
network
low complexity
veritas CWE-284
critical
9.8
2005-06-28 CVE-2005-0772 NULL Pointer Dereference vulnerability in Veritas Backup Exec
VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference.
network
low complexity
veritas CWE-476
7.5