Denial of Service Vulnerability in Symantec Backup Exec for Windows Servers
CVE-2007-4347

Currently unrated

Key Information:

Vendor: Symantec
Status: Backupexec System Recovery
Vendor: CVE Published:; 29 November 2007

Summary

The Job Engine service in Symantec Backup Exec for Windows Servers is susceptible to multiple integer overflow vulnerabilities, which can be exploited by remote attackers. By sending specially crafted packets to TCP port 5633, attackers may trigger an infinite loop that leads to excessive CPU and memory consumption, effectively causing a denial of service. This vulnerability affects specific builds of Backup Exec 11d, emphasizing the importance of maintaining up-to-date security practices.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/38677

vdb-entryx_refsource_XF

http://secunia.com/advisories/26975

third-party-advisoryx_refsource_SECUNIA

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 29, 2007
Vulnerability Reserved
Aug 14, 2007