Educause Security Discussion mailing list archives

Re: Veritas Backup Exec Vulnerability

From: David Taylor <ltr () ISC UPENN EDU>
Date: Tue, 18 Jan 2005 18:48:54 -0500

FYI,

Internet Security Systems released coverage today for theVeritas_BackupExec_BO with Internet Scanner XPU 7.41, which containsSecChkID 18506 - NetbackupAgentBrowserBo.


At 08:02 AM 1/18/2005, David Taylor wrote:

I don't know of anyway to 'scan for the vulnerability'. As Jordan statedyou can run an NMAP scan but as far as I can tell it won't actually tellyou what version of Veritas Backup Exec is running on the port.

I contacted ISS about a module that would detect Veritas vulnerabilitiesand they said:


<from ISS>

We have released product coverage today. Please refer to documentationfor RealSecure® Network Sensor, Proventia A(tm), Proventia G(tm) andProventia M(tm) Appliances, XPUs 23.2 and 1.39, and reference SecChkID18506 Veritas_BackupExec_BO.

We are currently investigating an Internet Scanner check and hope torelease one in the near future

</from ISS>

So, maybe ISS Internet Scanner will have something soon.

At 04:46 PM 1/13/2005, Samuel Petreski wrote:

Does anyone know of a proactive way to scan for this vulnerability?

Thanks.

--Samuel

Samuel Petreski
Network Systems Analyst
Computing and Network Services
Kansas State University
(785) 532-4943
petreski () ksu edu

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eddie H. Hunter
Sent: Thursday, January 13, 2005 12:55 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Veritas Backup Exec Vulnerability

Dear All,

We are experiencing some incidents with the Backup Exec exploit on Novell
Netware Servers and were interested if others were seeing this as well.
Please drop me a note if you are having the same experience.

Thank You,

Eddie H. Hunter
UGA Office of Information Security
UGA-CIRT
ehunter () uga edu
706-542-7949

"Maintaining the Constant Vigil of Integrity"

This message and any attachment is intended only for the use of the
addressee and may contain information that is PRIVILEGED. If you are not the
intended recipient, you are hereby notified that any dissemination of this
communication is strictly prohibited. If you have received this
communication in error, please erase all copies of the message and its
attachments and notify us immediately.  Thank You.

Security Warning: Please note that this e-mail has been created in the
knowledge that Internet e-mail is not a 100% secure communications medium.
We advise that you understand and observe this lack of security when
e-mailing us.

Viruses: Although we have taken steps to ensure that this e-mail and
attachments are free from any virus, we advise that in keeping with good
computing practice the recipient should ensure they are actually virus
free.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.

**********

Participation and subscription information for this EDUCAUSE DiscussionGroup discussion list can be found at http://www.educause.edu/groups/.



==============================================
David Taylor            //      Sr. Information Security Specialist
Information Systems & Computing  //          Information Security
University of Pennsylvania      //         Philadelphia PA USA
LTR () ISC UPENN EDU                       (215) 898-1236
http://www.upenn.edu/computing/security/
==============================================

SANS - The Twenty Most Critical Internet Security Vulnerabilities
http://www.sans.org/top20/

**********

Participation and subscription information for this EDUCAUSE DiscussionGroup discussion list can be found at http://www.educause.edu/groups/.



==============================================
David Taylor            //      Sr. Information Security Specialist
Information Systems & Computing  //          Information Security
University of Pennsylvania      //         Philadelphia PA USA
LTR () ISC UPENN EDU                       (215) 898-1236
http://www.upenn.edu/computing/security/
==============================================

SANS - The Twenty Most Critical Internet Security Vulnerabilities
http://www.sans.org/top20/

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Current thread:

Re: Veritas Backup Exec Vulnerability, (continued)
- Re: Veritas Backup Exec Vulnerability Jim Bollinger (Jan 13)
- Re: Veritas Backup Exec Vulnerability Hedrick, Gregory W (Jan 13)
- Re: Veritas Backup Exec Vulnerability H. Morrow Long (Jan 13)
- Re: Veritas Backup Exec Vulnerability Doug Pearson (Jan 13)
- Re: Veritas Backup Exec Vulnerability John Kowalczyk (Jan 13)
- Re: Veritas Backup Exec Vulnerability Brian Eckman (Jan 13)
- Re: Veritas Backup Exec Vulnerability Samuel Petreski (Jan 13)
- Re: Veritas Backup Exec Vulnerability Jordan Wiens (Jan 13)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)
- Re: Veritas Backup Exec Vulnerability Cam Beasley, ISO (Jan 18)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)