Format String Vulnerability in NetBackup Data and Business Center and NetBackup Enterprise/Server/Client by VERITAS
CVE-2005-2715

Currently unrated

Key Information:

Vendor
Symantec Veritas
Status
Netbackup Enterprise Server Client
Netbackup Data And Business Center
Vendor
CVE Published:
12 October 2005

Summary

A format string vulnerability exists in the Java user interface service daemon (bpjava-msvc) for various versions of VERITAS NetBackup products. This flaw allows remote attackers to execute arbitrary code through a crafted COMMAND_LOGON_TO_MSERVER command. Successful exploitation could lead to system compromise, potentially affecting the integrity and availability of data managed by NetBackup services.

References

http://www.symantec.com/avcenter/security/Content/2005.10...
x_refsource_CONFIRM
http://secunia.com/advisories/17181
third-party-advisoryx_refsource_SECUNIA
http://seer.support.veritas.com/docs/279085.htm
x_refsource_CONFIRM

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2005-2715 : Format String Vulnerability in NetBackup Data and Business Center and NetBackup Enterprise/Server/Client by VERITAS | SecurityVulnerability.io