icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Bakbone NetVault Multiple Vulnerabilities

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running Bakbone NetVault, an enterprise backup/restore application. This version of NetVault is vulnerable to a remote heap overflow as well as a local content-parsing overflow. An attacker exploiting the first flaw would need to be able to connect to the application on port 20031. A successful exploit would result in arbitrary code being executed by the SYSTEM process. An attacker exploiting the second flaw would need local read/write access to the Netvault configuration files. A successful attack would lead to arbitrary code being executed.

Solution

No solution is known at this time.