Command Injection Vulnerability in Symantec Veritas NetBackup
CVE-2006-4902

Currently unrated

Key Information:

Vendor

Symantec
Status
Veritas Netbackup Server
Veritas Netbackup Enterprise Server
Veritas Netbackup Client
Vendor
CVE Published:
14 December 2006

What is CVE-2006-4902?

The bpcd daemon in Symantec's Veritas NetBackup is susceptible to a command injection flaw due to inadequate validation of chained commands. This vulnerability enables remote attackers to execute arbitrary commands by appending malicious instructions to legitimate commands. The affected versions include NetBackup 5.0 prior to MP7, 5.1 prior to MP6, and 6.0 prior to MP4. Users are advised to upgrade to the latest patched versions to mitigate this significant risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/23368
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/27638
vdb-entryx_refsource_XF
http://securitytracker.com/id?1017379
vdb-entryx_refsource_SECTRACK

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.