Denial of Service Vulnerability in Symantec Backup Exec Job Engine
CVE-2007-4346

Currently unrated

Key Information:

Vendor: Symantec
Status: Backupexec System Recovery
Vendor: CVE Published:; 29 November 2007

Summary

A critical vulnerability in the Job Engine (bengine.exe) service of Symantec Backup Exec for Windows Servers allows remote attackers to effectively cause a denial of service condition. By sending a specially crafted packet to TCP port 5633, an attacker can trigger a NULL dereference, leading to a service crash. This poses a significant risk, especially for businesses relying on Backup Exec for data management and recovery. Timely updates and appropriate security measures are essential to mitigate the risk associated with this vulnerability.

References

http://secunia.com/advisories/26975

third-party-advisoryx_refsource_SECUNIA

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

http://www.securityfocus.com/archive/1/484318/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Nov 29, 2007
Vulnerability Reserved
Aug 14, 2007