Symantec Security Advisory, SYM06-005

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Symantec Security Advisory, SYM06-005
From: secure@xxxxxxxxxxxx
Date: 20 Mar 2006 20:42:45 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Symantec Security Advisory
SYM06-005
17 March 2006 

Veritas Backup Exec for Windows Servers: Media Server BENGINE Service Job
log Format String Overflow

Revision History
None 

Severity
Low (network/system authorization and specific configuration required)

Remote Access Yes
Local Access No 
Authentication Required Yes 
Exploit publicly available No  

Overview
Backup Exec for Windows Servers Media Server is susceptible to a format string 
vulnerability in the job log in BENGINE.exe when job logging is
configured with full details enabled. (Not the default configuration)
An authorized user on the network with a system configured for backup could 
potentially host a specifically-formatted file on their system. If the file 
name is properly mal-formatted AND the backup is being run with job logs 
enabled in Full Details mode, the malicious user could cause a denial of 
service on the Media Server or may potentially be able to run arbitrary code on 
the system hosting the Media Server.

Full Advisory available @
http://www.symantec.com/avcenter/security/Content/2006.03.17b.html

Prev by Date: Re: Invision Power Board v2.1.4 - session hijacking
Next by Date: Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
Previous by thread: Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0
Next by thread: DNS Amplification Attacks
Index(es):
- Date
- Thread