VERITAS Backup Exec Remote Agent Static Password Arbitrary File Download
Critical Nessus Plugin ID 19427
SynopsisIt is possible to retrieve/delete files on the remote host.
DescriptionThe remote host is running a version of VERITAS Backup Exec Agent which is configured with a default root account.
An attacker may exploit this flaw to retrieve files from the remote host.
SolutionUpdate the product as described in the vendor advisory referenced above.