Zero Day Initiative

TippingPoint Zero Day Initiative

ZDI STATISTICS...

# Created Cases:	1,318
# Researchers:	810
Avg. Verification Time:	15 days

Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability

ZDI-06-050: December 13th, 2006

CVE ID

Affected Vendors

Affected Products

Veritas NetBackup

Vulnerability Details

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec Veritas NetBackup. Authentication is not required to exploit this vulnerability.

The specific flaw exists within bpcd.exe during the parsing of overly long CONNECT_OPTIONS requests to a NetBackup Master/Media Server. When the CONNECT_OPTIONS command is parsed, the contents are copied into a stack allocated buffer without proper length checking. Exploitation of this vulnerability can lead to complete system compromise.

Vendor Response

Symantec has issued an update to correct this vulnerability. More details can be found at:

http://www.symantec.com/avcenter/security/Content/2006.12.13a.html

Disclosure Timeline

Credit

This vulnerability was discovered by:

Published Advisories

ZDI-08-044: Mozilla Firefox

published 2008-07-17

ZDI-08-043: Sun Microsystems

published 2008-07-17

ZDI-08-042: Sun Microsystems

published 2008-07-17

ZDI-08-041: Novell

published 2008-07-10

ZDI-08-040: Microsoft

published 2008-06-10

Upcoming Advisories

reported 2008-07-08, 13 days ago

reported 2008-07-07, 14 days ago

reported 2008-07-07, 14 days ago

reported 2008-07-03, 18 days ago

reported 2008-06-26, 25 days ago

Recent Press

iPhone and iPod Touch updated with security patches

published 2008-07-11, CNET

Apple TV gets a security update

published 2008-07-10, CNET

First reports of a Firefox 3 vulnerability

published 2008-06-19, BetaNews

Researchers disclose Firefox 3 flaws

published 2008-06-19, SecurityFocus

Millions of downloads -- and the first critical ...

published 2008-06-19, SCMagazine