Educause Security Discussion mailing list archives
Re: Veritas Backup Exec Vulnerability
From: Jordan Wiens <numatrix () UFL EDU>
Date: Thu, 13 Jan 2005 19:20:53 -0500
Sure; nmap will identify the servers running veritas, and metasploit (http://www.metasploit.com/) can test the vulnerability. (sample nmap output) PORT STATE SERVICE VERSION 6101/tcp open VeritasBackupExec? ~~WARNING~~ Of course, following with this thread, be extra careful with Novell servers. For the lazy: (using nmap 3.75, the following works for me) nmap -sV -O -p6101,6102 10.0.0.0/8 -oG -|grep \ '6101/open/tcp//VeritasBackupExec.*Windows'| awk '{print $2}'\
windows-veritas-servers.txt
Then just use that as an input file to metasploit. -- Jordan Wiens, CISSP UF Network Security Engineer (352)392-2061 On Thu, 13 Jan 2005, Samuel Petreski wrote:
Does anyone know of a proactive way to scan for this vulnerability? Thanks. --Samuel Samuel Petreski Network Systems Analyst Computing and Network Services Kansas State University (785) 532-4943 petreski () ksu edu -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eddie H. Hunter Sent: Thursday, January 13, 2005 12:55 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Veritas Backup Exec Vulnerability Dear All, We are experiencing some incidents with the Backup Exec exploit on Novell Netware Servers and were interested if others were seeing this as well. Please drop me a note if you are having the same experience. Thank You, Eddie H. Hunter UGA Office of Information Security UGA-CIRT ehunter () uga edu 706-542-7949 "Maintaining the Constant Vigil of Integrity" This message and any attachment is intended only for the use of the addressee and may contain information that is PRIVILEGED. If you are not the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately. Thank You. Security Warning: Please note that this e-mail has been created in the knowledge that Internet e-mail is not a 100% secure communications medium. We advise that you understand and observe this lack of security when e-mailing us. Viruses: Although we have taken steps to ensure that this e-mail and attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Veritas Backup Exec Vulnerability Eddie H. Hunter (Jan 13)
- <Possible follow-ups>
- Re: Veritas Backup Exec Vulnerability Jim Bollinger (Jan 13)
- Re: Veritas Backup Exec Vulnerability Hedrick, Gregory W (Jan 13)
- Re: Veritas Backup Exec Vulnerability H. Morrow Long (Jan 13)
- Re: Veritas Backup Exec Vulnerability Doug Pearson (Jan 13)
- Re: Veritas Backup Exec Vulnerability John Kowalczyk (Jan 13)
- Re: Veritas Backup Exec Vulnerability Brian Eckman (Jan 13)
- Re: Veritas Backup Exec Vulnerability Samuel Petreski (Jan 13)
- Re: Veritas Backup Exec Vulnerability Jordan Wiens (Jan 13)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)
- Re: Veritas Backup Exec Vulnerability Cam Beasley, ISO (Jan 18)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)