CVE-2005-3116 - Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITA

CVE-2005-3116

Summary

Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. Failed exploit attempts may result in a denial-of-service condition.

References

Vulnerable Configurations

cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp1:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp1:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp2:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp2:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp3:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp3:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp4:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp4:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp5:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.0_with_mp5:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp1:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp1:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp2:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp2:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp3a:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_with_mp3a:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_without_mp:*:*:*:*:*:*:*
cpe:2.3:a:symantec_veritas:netbackup:5.1_without_mp:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 11-07-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	15353
bugtraq	20060115 Veritas NetBackup "Volume Manager Daemon" Module Stack Overflow - Exploit 20060117 Re: Veritas NetBackup "Volume Manager Daemon" Module Stack Overflow - Exploit
cert-vn	VU#574662
confirm	http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08b.html http://seer.support.veritas.com/docs/279553.htm
idefense	20051110 Stack Overflow in Veritas Netbackup Enterprise Server
osvdb	20674
sectrack	1015170
secunia	17503
vupen	ADV-2005-2349
xf	netbackup-vmd-bo(22985)

saint via4

bid	15353
description	VERITAS NetBackup Volume Manager Daemon buffer overflow
id	misc_netbackupvmd
osvdb	20674
title	veritas_netbackup_vmd
type	remote

Last major update

11-07-2017 - 01:33

Published

18-11-2005 - 06:03

Last modified

11-07-2017 - 01:33