Educause Security Discussion mailing list archives

Re: Veritas Backup Exec Vulnerability

From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Thu, 13 Jan 2005 14:17:25 -0500

Without disclosing any names, yes, Universities
in the northeast US have experienced incidents via
Veritas Backup Exec being actively exploited on
the Internet starting yesterday.

Encourage/push admins to patch/fix and you may
wish to  block TCP port 6101 at Internet or local routers.

- H. Morrow Long, CISSP, CISM
  University Information Security Officer
  Director -- Information Security Office
  Yale University, ITS


On Jan 13, 2005, at 1:54 PM, Eddie H. Hunter wrote:

Dear All,

We are experiencing some incidents with the Backup Exec exploit on
Novell
Netware Servers and were interested if others were seeing this as well.
Please drop me a note if you are having the same experience.

Thank You,

Eddie H. Hunter
UGA Office of Information Security
UGA-CIRT
ehunter () uga edu
706-542-7949

"Maintaining the Constant Vigil of Integrity"

This message and any attachment is intended only for the use of the
addressee and may contain information that is PRIVILEGED. If you are
not the
intended recipient, you are hereby notified that any dissemination of
this
communication is strictly prohibited. If you have received this
communication in error, please erase all copies of the message and its
attachments and notify us immediately.  Thank You.

Security Warning: Please note that this e-mail has been created in the
knowledge that Internet e-mail is not a 100% secure communications
medium.
We advise that you understand and observe this lack of security when
e-mailing us.

Viruses: Although we have taken steps to ensure that this e-mail and
attachments are free from any virus, we advise that in keeping with
good
computing practice the recipient should ensure they are actually virus
free.

**********
Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/.


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Attachment: smime.p7s
Description:

Current thread:

Veritas Backup Exec Vulnerability Eddie H. Hunter (Jan 13)
- <Possible follow-ups>
- Re: Veritas Backup Exec Vulnerability Jim Bollinger (Jan 13)
- Re: Veritas Backup Exec Vulnerability Hedrick, Gregory W (Jan 13)
- Re: Veritas Backup Exec Vulnerability H. Morrow Long (Jan 13)
- Re: Veritas Backup Exec Vulnerability Doug Pearson (Jan 13)
- Re: Veritas Backup Exec Vulnerability John Kowalczyk (Jan 13)
- Re: Veritas Backup Exec Vulnerability Brian Eckman (Jan 13)
- Re: Veritas Backup Exec Vulnerability Samuel Petreski (Jan 13)
- Re: Veritas Backup Exec Vulnerability Jordan Wiens (Jan 13)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)
- Re: Veritas Backup Exec Vulnerability Cam Beasley, ISO (Jan 18)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)