Veritas Backup Exec Server远程访问漏洞

漏洞信息详情

Veritas Backup Exec Server远程访问漏洞

• CNNVD编号：CNNVD-200506-209
• 危害等级： 超危
  
  
• CVE编号：
  CVE-2005-0771
  
• 漏洞类型：
  
  
  访问验证错误
  
• 发布时间：
  
  2005-06-23
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-03-27
  
• 厂        商：
  
  symantec_veritas
• 漏洞来源：
  Discovery of this …

Windows操作系统下的VERITAS Backup Exec Server (beserver.exe) 9.0至10.0版本中，远程非认证攻击者可通过对TCP 6106端口上的PRC(远程过程调用)接口的方法调用来修改注册表。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Windows Servers 10.0修订版下的Veritas Software Backup Exec5484

Veritas VERITAS Backup Exec 10.0 rev. 5484 for Windows Servers – upgrade to Backup Exec 10.0 rev. 5520

http://support.veritas.com/docs/277181

Veritas VERITAS Backup Exec 10.0 rev. 5484 for Windows Servers Hotfix 24

http://support.veritas.com/docs/275514

Veritas Software Backup Exec for Windows Servers 9.0 rev. 4367

Veritas VERITAS Backup Exec 9.0 rev. 4367 for Windows Servers Hotfix 21

http://support.veritas.com/docs/276156

Veritas Software Backup Exec for Windows Servers 9.0 rev. 4454

Veritas VERITAS Backup Exec 9.0 rev. 4454 for Windows Servers Hotfix 31

http://support.veritas.com/docs/275911

Veritas Software Backup Exec for Windows Servers 9.1 rev. 4691

Veritas VERITAS Backup Exec 9.1 rev. 4691 for Windows Servers Hotfix 52

http://support.veritas.com/docs/275909

来源: US-CERT

名称: TA05-180A

链接:http://www.us-cert.gov/cas/techalerts/TA05-180A.html

来源: US-CERT

名称: VU#584505

链接:http://www.kb.cert.org/vuls/id/584505

来源: seer.support.veritas.com

链接:http://seer.support.veritas.com/docs/277429.htm

来源: seer.support.veritas.com

链接:http://seer.support.veritas.com/docs/276605.htm

来源: SECTRACK

名称: 1014273

链接:http://securitytracker.com/id?1014273

来源: SECUNIA

名称: 15789

链接:http://secunia.com/advisories/15789

来源: IDEFENSE

名称: 20050623 Veritas Backup Exec Server Remote Registry Access Vulnerability

链接:http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities&flashstatus=true

来源: IDEFENSE

名称: 20050623 Veritas Backup Exec Server Remote Registry Access Vulnerability

链接:http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities&flashstatus=true