Security Flaw in Veritas Backup Exec Affects Microsoft Exchange Users
CVE-2002-1117

Currently unrated

Key Information:

Vendor: Symantec Veritas
Status: Backup Exec
Vendor: CVE Published:; 4 October 2002

Summary

The security vulnerability in Veritas Backup Exec 8.5 and earlier versions is linked to the configuration of the 'RestrictAnonymous' registry key in Microsoft Exchange 2000. When set to 0, this configuration permits unauthorized users to access and enumerate the Security Account Manager (SAM) database and shared resources. This exposure can lead to potential NetBIOS-based attacks, compromising sensitive information and the integrity of networked environments.

References

http://marc.info/?l=bugtraq&m=103134395124579&w=2

mailing-listx_refsource_BUGTRAQ

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.osvdb.org/8230

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Sep 6, 2002