Symantec Backup Exec for Windows Servers Denial of Service Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is affected by
several denial of service vulnerabilities.

Description :

Backup Exec for Windows Servers, a commercial backup product from
Symantec, is installed on the remote host.

The version of the Backup Exec Job Engine, bengine.exe, installed as
part of Backup Exec for Windows Servers on the remote host contains a
NULL pointer dereference error when handling exceptions. Using a
specially crafted packet, an attacker can leverage this issue to crash
the affected service.

In addition, it is affected by two overflow errors that can cause the
service to enter an infinite loop, resulting in high CPU utilization
and/or memory exhaustion.

See also :

http://secunia.com/secunia_research/2007-74/advisory/
http://www.securityfocus.com/archive/1/484318/30/0/threaded
http://www.securityfocus.com/archive/1/484333/30/0/threaded

Solution :

Apply the appropriate hotfix according to the vendor advisories above.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 28361 (bews_dos.nasl)

Bugtraq ID: 26028
26029

CVE ID: CVE-2007-4346
CVE-2007-4347
