Software Engineering Institute

According to Symantec/VERITAS:

A vulnerability has been confirmed in the NetBackup Volume Manager daemon (vmd). By sending a specially crafted packet to the Volume Manager, a stack overflow occurs. This is caused by improper bounds checking. Exploitation does not require authentication, thereby allowing a remote attacker to take over the system or disrupt the backup capabilities. Further testing and code inspection has revealed that all other NetBackup 5.1 daemons are potentially affected in the same manner. Therefore, any Master Servers, Media Servers, Clients and Console machines at this version level are subject to this vulnerability. However, NetBackup 5.1 database agents are not affected by this issue.

For more information, please refer to Symantec Advisory SYM05-024.

Please note that exploit code for this vulnerability is publicly available.

A remote, unauthenticated attacker may be able to trigger this buffer overflow by sending a vulnerable NetBackup installation a specially crafted packet. Exploitation may allow that attacker to execute arbitrary code with root or SYSTEM privileges.

Apply Patches

Please see the Symantec Updates & Downloads page for patches to correct this vulnerability.

Restrict access

You may wish to block access to the vulnerable software from outside your network perimeter, specifically by blocking access to the ports used by the NetBackup services. Symantec/VERITAS provided the following table of default ports for NetBackup processes: