Symantec finds bug in Veritas back-up software
Published: 15 Aug 2005 17:10 BST
Veritas has its new partner, Symantec, to thank for the latest embarrassing news of the vulnerability of its Back-Up software.
On Friday, Symantec released a warning that there was an unpatched vulnerability on Veritas Backup Exec for Windows and NetBackup for Netware, two of the most widely used pieces of storage software.
Over the weekend, Symantec released a series of updates to help deal with the problem.
The news of the flaw came only days after Symantec had released details of a patched problem in the same software. More details then emerged from the French security site FrSIRT which said the "vulnerability identified in Veritas Backup Exec and NetBackup, could be exploited by remote attackers to gain unauthorised access".
FrSIRT maintains the flaw was "due to a design error". According to some sources, exploits are already happening with various Internet security sites reporting increased activity and scans for port 10000.
There is no patch available but Symantec recommends that administrators filter out traffic targeting TCP ports 6101, 6106, and 10000.
Did you find this article useful?
51 out of 93 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
