Document ID: 277485
http://support.veritas.com/docs/277485

VERITAS Security Advisory VX05-008: Denial of Service (DoS) in VERITAS NetBackup for NetWare Media Servers

Details:
VX05-008
June 22, 2005
Denial of Service (DoS) in VERITAS NetBackup (tm) for NetWare Media Servers

Revision History
None
Risk Impact
Low

Overview
Exploitation of a buffer overflow vulnerability in the VERITAS NetBackup for NetWare Media Servers may allow remote attackers to force a system crash.

Affected Products
NetBackup for NetWare Media Servers versions:  
4.5, 4.5 Maintenance Pack 1 through 4.5 Maintenance Pack 8; 4.5 Feature Pack 1 through 4.5 Feature Pack 8
5.0, 5.0 Maintenance Pack 1 through Maintenance Pack 5
5.1, 5.1 Maintenance Pack 1 through 5.1 Maintenance Pack 3

Details
iDEFENSE, Inc. (http://www.idefense.com/application/poi/display?type=vulnerabilities) reported a vulnerability in the VERITAS NetBackup for NetWare Media Servers that could allow remote attackers to potentially crash the system.
The affected software improperly handles request packets, resulting in an unexpected error status value. This can result in a crash of the program and/or a denial of service (DoS) condition.
This vulnerability does not allow remote code execution on the targeted system.


VERITAS Software's Response
VERITAS Engineering has verified and addressed the issue in the affected products. A patch has been developed for each of the affected versions to address the issue. Even though VERITAS Technical Services is unaware of any adverse customer impact from this issue, we strongly recommend users of the affected products upgrade and/or apply the appropriate updates immediately to safeguard against threats of this nature.

The links to the patches that fix this issue on NetBackup for NetWare Media Servers are as follows:

NetBackup 4.5 Maintenance Pack track:    http://support.veritas.com/docs/278456

NetBackup 4.5 Feature Pack track:    http://support.veritas.com/docs/277496

NetBackup Enterprise Server / NetBackup Server 5.0:    http://support.veritas.com/docs/277497

NetBackup Enterprise Server / NetBackup Server 5.1:    http://support.veritas.com/docs/277498

Mitigation:

Restrict incoming connections targeting TCP port 10000 to trusted hosts only.
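As an added illustration of the mitigation above (not part of the VERITAS advisory), the following script generates an iptables allowlist for TCP port 10000 on a Linux gateway or host-based firewall placed in front of the media server. The trusted host addresses and the chain name are constructed placeholders; the rules are printed for review rather than applied.

```shell
# Generate (do not apply) iptables rules that restrict inbound TCP/10000 to
# trusted NetBackup hosts and log anything else before dropping it.
# Constructed placeholders: replace with the real master/media server addresses.
TRUSTED_NBU_HOSTS="192.0.2.10 192.0.2.11"
NBU_PORT=10000
NBU_CHAIN=NBU_10000   # hypothetical chain name

nbu_port_rules() {
    # Create the chain on first run, or flush it so the rules can be regenerated.
    echo "iptables -N $NBU_CHAIN 2>/dev/null || iptables -F $NBU_CHAIN"
    # One ACCEPT per trusted host.
    for host in $TRUSTED_NBU_HOSTS; do
        echo "iptables -A $NBU_CHAIN -s $host -p tcp --dport $NBU_PORT -j ACCEPT"
    done
    # Rate-limited logging makes unexpected sources visible to monitoring.
    echo "iptables -A $NBU_CHAIN -p tcp --dport $NBU_PORT -m limit --limit 5/min -j LOG --log-prefix 'NBU10000-DROP: '"
    # Default deny for everything else aimed at the port.
    echo "iptables -A $NBU_CHAIN -p tcp --dport $NBU_PORT -j DROP"
    # Send inbound TCP/10000 traffic through the chain.
    echo "iptables -I INPUT -p tcp --dport $NBU_PORT -j $NBU_CHAIN"
}

# Returns 0 if the given source address would be accepted by the generated rules.
nbu_port_allows() {
    for host in $TRUSTED_NBU_HOSTS; do
        [ "$1" = "$host" ] && return 0
    done
    return 1
}
```

Review the output of nbu_port_rules before piping it into sh on the firewall host.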

CVE
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2005-0772 to this issue.
This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.


Credit
VERITAS Software appreciates the cooperation of the iDEFENSE research team in reporting this issue and coordinating with VERITAS Software in the resolution process.



Products Applied:
 NetBackup BusinesServer 4.5, 4.5 (FP3), 4.5 (FP4), 4.5 (FP5), 4.5 (FP6), 4.5 (FP7), 4.5 (FP8), 4.5 (MP1), 4.5 (MP2), 4.5 (MP3), 4.5 (MP4), 4.5 (MP5), 4.5 (MP6), 4.5 (MP7), 4.5 (MP8)
 NetBackup DataCenter 4.5, 4.5 (FP4), 4.5 (FP5), 4.5 (FP6), 4.5 (FP7), 4.5 (FP8), 4.5 (MP1), 4.5 (MP2), 4.5 (MP3), 4.5 (MP4), 4.5 (MP5), 4.5 (MP6), 4.5 (MP7), 4.5 (MP8)
 NetBackup Enterprise Server 5.0, 5.0 MP1, 5.0 MP2, 5.0 MP3, 5.0 MP4, 5.0 MP5, 5.1, 5.1 MP1, 5.1 MP2, 5.1 MP3
 NetBackup Server 5.0, 5.0 MP1, 5.0 MP2, 5.0 MP3, 5.0 MP4, 5.0 MP5, 5.1, 5.1 MP1, 5.1 MP2, 5.1 MP3

Last Updated: September 26 2005 08:06 PM GMT
Expires on: 365 days from publish date

Subjects: NetBackup BusinesServer, NetBackup DataCenter, NetBackup Enterprise Server, NetBackup Server (Publishing Status: Techalert)

Languages: English (US), Japanese

Operating Systems: NetWare 5.1, 6.0, 6.5