Multiple vulnerabilities in Symantec Backup Exec

Описание

Multiple serious vulnerabilities have been found in Symantec Backup Exec. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, read-write backup files, inject scripts and execute arbitrary code Below is a complete list of vulnerabilities

1. Vectors related to NDMP protocol can be exploited remotely;
2. Weak file permissions can be exploited locally via file modification;
3. XSS vulnerabilities can be exploited remotely via vectors related to web interface;
4. A buffer overflow can be exploited remotely via unspecified vectors.

Первичный источник обнаружения

• Symantec advisory
  

Связанные продукты

• VERITAS-Backup-Exec

Список CVE

• CVE-2013-4678
  warning
• CVE-2013-4676
  warning
• CVE-2013-4677
  warning
• CVE-2013-4575
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com