Veritas BackupExec Agent vulnerability

[Brad Zimmerman <exocet () exocet ca>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://isc.sans.org/

[The following text was taken directly from the isc.sans.org site.  I
did not discover this vulnerability and I'm not taking any credit for
it.  Simply haven't seen this on the Vulnwach list.]

"A remote vulnerability in Veritas BackupExec Agent has been discovered.
This vulnerability is especially serious as it does not require any
authentication before the service can be exploited, and by their very
nature, backup servers tend to both be reachable by, and have access to,
a large number of systems within an organization. If you run BackupExec,
patches are available for both Version 8.6.x
http://seer.support.veritas.com/docs/273422.htm and Version 9.1.x
http://seer.support.veritas.com/docs/273420.htm";


- --
Sent via the web's best browser/email client - Mozilla v1.7.3
Verify my PGP signature!  Was it I or an imposter who sent this email?
PGP Key: BAA7260D FP: 3F87 632E 2513 06E3 D7EE  1C94 ACAD 1187 BAA7 260D
See my PGP FP/key at: http://exocet.ca and http://slashdot.org/~Exocet


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBwvWorK0Rh7qnJg0RAkd0AKCijlJAKQOHW4is6kO0nuYxQYb4vwCfVVEb
SA052q6acCEsK+xYiRUHHB4=
=9jWc
-----END PGP SIGNATURE-----