
SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Veritas pulls (some) patches for Backup Exec
Symantec yesterday released two new security advisories about vulnerabilities in Veritas Backup Exec.

The first vulnerability, described in SYM06-004, allows a malicious user to crash the Backup Exec Remote Agent by sending a specially malformed packet.
This leads to a DoS attack on the service, but considering that the service is typically used for backups of critical data, the severity could be pretty high (it's easy to imagine a scenario in which you need business-critical data that was supposed to be backed up yesterday, but it wasn't because Backup Exec crashed).
In normal circumstances we would say to update as soon as possible, but it looks like there are some issues with some of the patches (we got a submission from one of our readers, thanks Charles). Symantec also pulled patches for Backup Exec 10d (10.1) and 10.0 for Windows Servers - the original advisory available at says that the hotfix has temporarily been removed and will be re-released later.

The other advisory (SYM06-005) is related to a low risk vulnerability in the Job Engine service. This vulnerability can be exploited only in certain circumstances ("full details" logging has to be enabled, and a user has to host a specially formatted file on their system). Details about this vulnerability can be found at
ISC Handler
Mar 22nd 2006
