dcsimg

Symantec Patches Critical Hole

Symantec has patched several Veritas products suffering from remote access holes.

 By Michael Hall | Posted Aug 15, 2005
Page of   |  Back to Page 1
Print ArticleEmail Article

Symantec has announced that several of its Veritas products are vulnerable to a remote access vulnerability.

According to an advisory updated over the weekend, VERITAS Backup Exec for Windows Servers, VERITAS Backup Exec for NetWare Servers, and NetBackup for NetWare Media Server Option all suffer from a vulnerability that could allow "unauthorized remote access and the downloading of arbitrary files."

Symantec reported that the exploit is the product of manipulating an encrypted but static password transferred during authentication with the software, and that a public exploit has already been found.

The company has rated the risk impact of the exploit "high," but noted that risks posed by it can be "substantially mitigated" by closing port 10000 at the firewall. Symantec has also released IPS/IDS (define) signatures for several of its security products, including ManHunt, Gateway Security, Client Security, and its Network Security Appliance 7100.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.