Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2005-2611

Published: 17/08/2005 Updated: 11/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Backup Exec

Vulnerability Summary

VERITAS Backup Exec for Windows Servers 8.6 up to and including 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 up to and including 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote malicious users to read and write arbitrary files with the backup server.

Vulnerable Product Search on Vulmon Subscribe to Product

symantec veritas backup exec netware_servers_9.0.4170

symantec veritas backup exec netware_servers_9.0.4172

symantec veritas backup exec netware_servers_9.1.1152_.4

symantec veritas backup exec netware_servers_9.1.1154

symantec veritas backup exec windows_servers_8.6

symantec veritas backup exec windows_servers_9.0

symantec veritas backup exec windows_servers_9.1_rev._4691_sp2

symantec veritas backup exec remote agent netware_server

symantec veritas netbackup netware_media_servers_4.5_fp5

symantec veritas netbackup netware_media_servers_4.5_fp6

symantec veritas netbackup netware_media_servers_4.5_mp5

symantec veritas netbackup netware_media_servers_4.5_mp6

symantec veritas netbackup netware_media_servers_5.0_mp4

symantec veritas netbackup netware_media_servers_5.0_mp5

symantec veritas netbackup netware_media_servers_5.1

symantec veritas backup exec netware_servers_9.1.1067_.2

symantec veritas backup exec netware_servers_9.1.1067_.3

symantec veritas backup exec netware_servers_9.1.1127_.1

symantec veritas backup exec netware_servers_9.1.307

symantec veritas backup exec windows_servers_10.0_rev._5484

symantec veritas backup exec windows_servers_9.0_rev._4454

symantec veritas backup exec windows_servers_9.0_rev._4454_sp1

symantec veritas netbackup netware_media_servers_4.5_fp1

symantec veritas netbackup netware_media_servers_4.5_fp2

symantec veritas netbackup netware_media_servers_4.5_mp1

symantec veritas netbackup netware_media_servers_4.5_mp2

symantec veritas netbackup netware_media_servers_5.0

symantec veritas netbackup netware_media_servers_5.0_mp1

symantec veritas netbackup netware_media_servers_5.1_mp3

symantec veritas backup exec netware_servers_9.0.4174

symantec veritas backup exec netware_servers_9.0.4202

symantec veritas backup exec netware_servers_9.1.1156

symantec veritas backup exec netware_servers_9.1.306

symantec veritas backup exec windows_servers_9.0_rev._4367

symantec veritas backup exec windows_servers_9.0_rev._4367_sp1

symantec veritas backup exec remote agent unix_linux_server

symantec veritas backup exec remote agent windows_server

symantec veritas netbackup netware_media_servers_4.5

symantec veritas netbackup netware_media_servers_4.5_fp7

symantec veritas netbackup netware_media_servers_4.5_fp8

symantec veritas netbackup netware_media_servers_4.5_mp7

symantec veritas netbackup netware_media_servers_4.5_mp8

symantec veritas netbackup netware_media_servers_5.1_mp1

symantec veritas netbackup netware_media_servers_5.1_mp2

symantec veritas backup exec netware_servers_9.0.4019

symantec veritas backup exec netware_servers_9.1.1151_.1

symantec veritas backup exec netware_servers_9.1.1152

symantec veritas backup exec windows_servers_10.0_rev._5484_sp1

symantec veritas backup exec windows_servers_10.0_rev._5520

symantec veritas backup exec windows_servers_9.1

symantec veritas backup exec windows_servers_9.1_rev._4691

symantec veritas netbackup netware_media_servers_4.5_fp3

symantec veritas netbackup netware_media_servers_4.5_fp4

symantec veritas netbackup netware_media_servers_4.5_mp3

symantec veritas netbackup netware_media_servers_4.5_mp4

symantec veritas netbackup netware_media_servers_5.0_mp2

symantec veritas netbackup netware_media_servers_5.0_mp3

Exploits

Exploit DB: Veritas Backup Exec (Windows) - Remote File Access (Metasploit)
## # This file is part of the Metasploit Framework and may be redistributed # according to the licenses defined in the Authors field below In the # case of an unknown or missing license, this file defaults to the same # license as the core Framework (dual GPLv2 and Artistic) The latest # version of the Framework can always be obtained from metasp ...

References

NVD-CWE-Otherhttp://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.htmlhttp://www.us-cert.gov/cas/techalerts/TA05-224A.htmlhttp://www.kb.cert.org/vuls/id/378957http://www.securityfocus.com/bid/14551http://securitytracker.com/id?1014662http://secunia.com/advisories/16403http://www.vupen.com/english/advisories/2005/1387https://exchange.xforce.ibmcloud.com/vulnerabilities/21793https://nvd.nist.govhttps://www.exploit-db.com/exploits/1147/https://www.kb.cert.org/vuls/id/378957
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook