-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 it sounds like idefense has been out of course on this one again , wonder why , oopps :>
[EMAIL PROTECTED] wrote: > ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer > Overflow > http://www.zerodayinitiative.com/advisories/ZDI-06-005.html March > 27, 2006 > > -- CVE ID: CVE-2006-0989 > > -- Affected Vendor: Symantec VERITAS > > -- Affected Products: VERITAS NetBackup v6.0 > > -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS > customers have been protected against this vulnerability since > December 19, 2005 by Digital Vaccine protection filter ID 3976. For > further product information on the TippingPoint IPS: > > http://www.tippingpoint.com > > -- Vulnerability Details: This vulnerability allows remote > attackers to execute arbitrary code on vulnerable Symantec VERITAS > NetBackup installations. Authentication is not required to exploit > this vulnerability. > > This specific flaw exists within the volume manager daemon > (vmd.exe) due to incorrect bounds checking during a call to > sscanf() that copies user-supplied data to a stack-based buffer. > The vulnerable daemon listens on TCP port 13701. > > -- Vendor Response: Symantec engineers have addressed these issues > in all currently supported versions of NetBackup. Symantec > engineers did additional reviews and will continue on-going reviews > of related file functionality to further enhance the overall > security of Veritas NetBackup products and to eliminate any > additional potential concerns. > > Security updates are available for all supported products. Symantec > strongly recommends all customers immediately apply the latest > cumulative Security Pack updates or Maintenance Pack releases as > indicated for their supported product versions to protect against > threats of this nature. > > http://support.veritas.com/docs/281521 > > -- Disclosure Timeline: 2005.12.20 - Vulnerability reported to > vendor 2005.12.19 - Digital Vaccine released to TippingPoint > customers 2006.03.24 - Vulnerability information provided to ZDI > security partners 2006.03.27 - Coordinated public release of > advisory > > -- Credit: This vulnerability was discovered by Sebastian Apelt. > > -- About the Zero Day Initiative (ZDI): Established by > TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) > represents a best-of-breed model for rewarding security researchers > for responsibly disclosing discovered vulnerabilities. > > Researchers interested in getting paid for their security research > through the ZDI can find more information and sign-up at: > > http://www.zerodayinitiative.com > > The ZDI is unique in how the acquired vulnerability information is > used. 3Com does not re-sell the vulnerability details or any > exploit code. Instead, upon notifying the affected product vendor, > 3Com provides its customers with zero day protection through its > intrusion prevention technology. Explicit details regarding the > specifics of the vulnerability are not exposed to any parties until > an official vendor patch is publicly available. Furthermore, with > the altruistic aim of helping to secure a broader user base, 3Com > provides this vulnerability information confidentially to security > vendors (including competitors) who have a vulnerability protection > or mitigation product. > > > _______________________________________________ Full-Disclosure - > We believe in it. Charter: > http://lists.grok.org.uk/full-disclosure-charter.html Hosted and > sponsored by Secunia - http://secunia.com/ > > > > __________ NOD32 1.1458 (20060324) Information __________ > > This message was checked by NOD32 antivirus system. > http://www.eset.com > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (MingW32) iD8DBQFEKE8TFJS99fNfR+YRAhAoAJ4oWAooN6MMD1ggD0rcgNKZ56fnvACfSfTU 3YVD6eyCHm5D/OqC0+MEJjg= =qDjV -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
