Re: Coverage for Backup Product Vulnerabilities

Wed, 27 Jul 2005 06:26:36 -0700 

Computer Associates Arcserve overflow is tested by :
- arcserve_universalagent_overflow.nasl / plugin id 18041 (safe network test) 

There is a test to detect a default password too :

- arcserve_default_password.nasl / plugin id 16390 (safe network test)



Veritas Backup Exec is tested by :


- veritas_backup_exec_overflow.nasl / plugin id 16230 . This plugin  
requires Windows credentials.
- veritas_backup_exec_overflow2.nasl / plugin id 16232. This plugin  
is a destructive attack and can crash the service (you need to  
disable 'safe checks' option).
- veritas_agent_overflow.nasl / plugin id 18551. This plugin is a  
destructive attack and can crash the service (you need to disable  
'safe checks' option).



There is no way to do a 'safe network check' to detect if Veritas  
Backup Exec is patched or not.



And in addition, BakBone NetVault is tested by :

- netvault_remote_hbof.nasl / plugin id 18257 (safe network test)



Nicolas


On Jul 26, 2005, at 9:48 AM, Jersey, Steve wrote:


Do users in the Nessus community anticipate that new plug-ins will  
be developed shortly to scan for vulnerabilities associated to the  
Veritas and Computer Associates backup products?  Yesterday, the  
SANS group (www.sans.org) published a Q2 update of the newest  
vulnerabilities discovered in the last 3 months.  The  
vulnerabilities for these two software products were referenced as  
being “critical”.   SANS did not associate these vulnerabilities to  
an existing Top 20 category item, but the vulnerabilities would  
involve Windows and Unix systems.





Our group has used Nessus for a couple years to scan critical  
servers in relation to auditing at various locations.  We have  
become proficient with use of the tool, but we do not at this time  
have the technical capability to write our scripts.




Stephen P. Jersey

State of Maryland - Office of Legislative Audit

301 W. Preston St., Rm 1202

Baltimore, Md 21201

[EMAIL PROTECTED]









_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus


_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus






















					Reply via email to