VERITAS NetBackup (tm) for NetWare Media Servers Security Advisory: Unauthorized downloading of arbitrary files
Details:
This issue affects the following versions of NetBackup that are running the NetWare Media Server option:
- NetBackup (tm) DataCenter / BusinessServer 4.5 (both maintenance pack and feature pack levels)
- NetBackup (tm) Enterprise Server / Server 5.0 and 5.1
Note: The risk for this issue can be substantially mitigated if port 10000 is not available outside of the perimeter network.
What is affected?
NetBackup for NetWare Media Servers is susceptible to a vulnerability that allows unauthorized downloading of arbitrary files. A remote attacker can exploit this vulnerability to download arbitrary files from the NetWare media server. A Metasploit Framework exploit is available, and there are reports of this vulnerability currently being exploited in the wild. The exploit is specific to media servers running the NetWare Media Server option and does not affect the Network Data Management Protocol (NDMP) agent.
Formal Resolution
This issue is formally resolved with the following NetBackup maintenance patch and feature pack releases.
Workaround Information:
Implement any of the following changes to avoid this issue until a fix can be applied:
- Block external access at the network boundary, unless service is required by external parties.
- Block external access to the service (TCP port 10000) at the network perimeter. Permit access for trusted or internal computers and networks only.
- Deploy network intrusion detection systems to monitor network traffic for signs of malicious, anomalous, or suspicious activity. This may aid in detection of attacks or malicious activity related to exploitation of latent vulnerabilities.
- As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up-to-date.
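As an added example (not part of the Symantec advisory or of any NetBackup tooling), the following Python script reviews firewall log records for TCP port 10000 connections to media servers from sources outside the trusted networks, and separates connections the firewall allowed from those it blocked. The log layout, host addresses and network ranges are constructed assumptions; only the port number comes from the advisory.

```python
import ipaddress

# Assumed values for illustration; only port 10000 comes from the advisory.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.168.50.0/24")]
MEDIA_SERVERS = {ipaddress.ip_address(a) for a in ("10.20.5.11", "10.20.5.12")}
SERVICE_PORT = 10000  # TCP port named in the advisory

# Constructed sample log. Assumed layout: ts proto src sport dst dport action
SAMPLE_LOG = """\
2005-11-01T02:14:07Z tcp 10.20.7.40 51322 10.20.5.11 10000 ACCEPT
2005-11-01T02:15:19Z tcp 203.0.113.77 40211 10.20.5.11 10000 ACCEPT
2005-11-01T02:15:25Z tcp 203.0.113.77 40215 10.20.5.12 10000 DROP
2005-11-01T02:16:02Z udp 198.51.100.9 5353 10.20.5.11 10000 ACCEPT
2005-11-01T02:17:44Z tcp 198.51.100.9 61000 10.20.5.12 443 ACCEPT
malformed line here
2005-11-01T02:18:30Z tcp 192.168.50.8 49700 10.20.5.12 10000 ACCEPT
"""

def parse_line(line):
    """Return a record dict, or None when the line does not fit the layout."""
    parts = line.split()
    if len(parts) != 7:
        return None
    ts, proto, src, _sport, dst, dport, action = parts
    try:
        return {"ts": ts, "proto": proto.lower(), "action": action.upper(),
                "src": ipaddress.ip_address(src),
                "dst": ipaddress.ip_address(dst), "dport": int(dport)}
    except ValueError:
        return None

def review(log_text):
    """List untrusted-source connections to media servers on the service port."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "tcp" or rec["dport"] != SERVICE_PORT:
            continue
        if rec["dst"] not in MEDIA_SERVERS:
            continue
        if any(rec["src"] in net for net in TRUSTED_NETS):
            continue  # trusted or internal source, permitted by the workaround
        # ACCEPT means the perimeter block is missing; anything else was stopped.
        status = "EXPOSED" if rec["action"] == "ACCEPT" else "BLOCKED"
        findings.append((status, rec["ts"], str(rec["src"]), str(rec["dst"])))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding)
```

An EXPOSED finding means the perimeter rule from the workaround is not in effect for that media server; a BLOCKED finding shows the rule working and is still worth reviewing as a probe.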
Symantec strongly recommends the following best practices:
1. Always perform a Full backup prior to and after any changes to your environment
2. Always make sure that your environment is running the latest version and patch level
If you have any questions or concerns about this issue, please contact Symantec Enterprise Technical Support.
Products Applied:
NetBackup BusinessServer 4.5
NetBackup DataCenter 4.5
NetBackup Enterprise Server 5.0, 5.1
NetBackup Server 5.0, 5.1
NetBackup with the NetWare Media Server option 4.5, 5.0, 5.1
Operating Systems:
NetWare 5.1, 6.0, 6.5