Vulnerabilities > Veritas

DATE CVE VULNERABILITY TITLE RISK
2017-01-04 CVE-2016-7399 Command Injection vulnerability in Veritas Netbackup Appliance Firmware
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense.
network
low complexity
veritas CWE-77
critical
10.0
2016-05-07 CVE-2015-6552 Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance
The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to make arbitrary RPC calls via unspecified vectors.
network
low complexity
veritas CWE-284
critical
10.0
2016-05-07 CVE-2015-6551 Information Exposure vulnerability in Veritas Netbackup and Netbackup Appliance
Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2.5.4 and 2.6.0.x through 2.6.0.4 do not use TLS for administration-console traffic to the NBU server, which allows remote attackers to obtain sensitive information by sniffing the network for key-exchange packets.
network
veritas CWE-200
4.3
2016-05-07 CVE-2015-6550 Improper Access Control vulnerability in Veritas Netbackup and Netbackup Appliance
bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and 7.7.x before 7.7.2 and NetBackup Appliance through 2.5.4, 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, and 2.7.x before 2.7.2 allows remote attackers to execute arbitrary commands via crafted input.
network
low complexity
veritas CWE-284
critical
10.0
2006-03-28 CVE-2006-0991 Remote Buffer Overflow vulnerability in VERITAS NetBackup
Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 for Windows allows remote attackers to execute arbitrary code via crafted "Request Service" packets to the vnetd service (TCP port 13724).
network
high complexity
veritas
7.1
2006-03-28 CVE-2006-0990 Remote Buffer Overflow vulnerability in VERITAS NetBackup
Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
network
low complexity
veritas
critical
9.0
2006-03-28 CVE-2006-0989 Remote Buffer Overflow vulnerability in VERITAS NetBackup
Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
network
low complexity
veritas
critical
9.0
2005-06-28 CVE-2005-0772 NULL Pointer Dereference vulnerability in Veritas Backup Exec
VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference.
network
low complexity
veritas CWE-476
7.5
2004-12-31 CVE-2004-1389 Privilege Escalation vulnerability in Veritas NetBackup
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.
local
high complexity
veritas
6.0
2003-12-31 CVE-2003-1361 Remote Code Execution vulnerability in Veritas Bare Metal Restore
Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server.
network
low complexity
ibm veritas
critical
10.0