Man-in-the-Middle Vulnerability in Symantec Backup Exec
CVE-2011-0546

Currently unrated

Key Information:

Vendor: Symantec
Status: Backup Exec
Vendor: CVE Published:; 31 May 2011

Summary

A vulnerability in Symantec Backup Exec allows man-in-the-middle attackers to intercept and manipulate communication between the media server and the remote agent. This flaw arises from insufficient validation of identity information, enabling unauthorized execution of NDMP commands through unclear channels. Ensuring proper validation measures are in place is critical to preventing potential exploitation.

References

http://marc.info/?l=bugtraq&m=131489365508507&w=2

vendor-advisoryx_refsource_HP

http://securityreason.com/securityalert/8300

third-party-advisoryx_refsource_SREASON

http://secunia.com/advisories/44698

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
May 31, 2011
Vulnerability Reserved
Jan 20, 2011