Symantec Backup Exec for Windows Multiple Vulnerabilities

This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.


Synopsis :

It is possible to bypass authentication in the remote backup agent.

Description :

The remote host is running a version of VERITAS Backup Exec Agent that
is affected by multiple authentication bypass issues.

An attacker can exploit these issues to manage the backup agent or to
execute commands with high privileges.

See also :

http://www.symantec.com/avcenter/security/Content/2008.11.19.html

Solution :

Apply the appropriate hotfix referenced in the vendor advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 34820 ()

Bugtraq ID: 32346
32347

CVE ID: CVE-2008-5407
CVE-2008-5408

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now