Educause Security Discussion mailing list archives
Re: Veritas Backup Exec Vulnerability
From: "Hedrick, Gregory W" <hedrick () PURDUE EDU>
Date: Thu, 13 Jan 2005 14:17:19 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There's also a patch that you can't get from the auto update feature. http://support.veritas.com/docs/273420 We had the same problem here. Greg Hedrick, CISSP Manager, Security Services Purdue University - -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU]On Behalf Of Jim Bollinger Sent: Thursday, January 13, 2005 2:13 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Veritas Backup Exec Vulnerability Obviously, we have had problems here (see my post from yesterday), but we have Backup Exec on Windows. It is likely they are trying the same thing against you because you have the same port open in the Agent Browser. It was a straight buffer overflow. Block the affected port (6101?) at the border of your network.... Jim Bollinger Systems and Network Engineer Washington and Lee University Lexington, VA 24450 540-458-8743
ehunter () UGA EDU 1/13/2005 1:54:55 PM >>>
Dear All, We are experiencing some incidents with the Backup Exec exploit on Novell Netware Servers and were interested if others were seeing this as well. Please drop me a note if you are having the same experience. Thank You, Eddie H. Hunter UGA Office of Information Security UGA-CIRT ehunter () uga edu 706-542-7949 "Maintaining the Constant Vigil of Integrity" This message and any attachment is intended only for the use of the addressee and may contain information that is PRIVILEGED. If you are not the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify us immediately. Thank You. Security Warning: Please note that this e-mail has been created in the knowledge that Internet e-mail is not a 100% secure communications medium. We advise that you understand and observe this lack of security when e-mailing us. Viruses: Although we have taken steps to ensure that this e-mail and attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.4 iQA/AwUBQebJYiDgU7GF52xHEQLFdwCdHsxVAHjvSjAM7yGxstpdrjepxToAnitx pC6JuWKTJDYGhONQpiOJ1WP7 =VCl9 -----END PGP SIGNATURE----- ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Veritas Backup Exec Vulnerability Eddie H. Hunter (Jan 13)
- <Possible follow-ups>
- Re: Veritas Backup Exec Vulnerability Jim Bollinger (Jan 13)
- Re: Veritas Backup Exec Vulnerability Hedrick, Gregory W (Jan 13)
- Re: Veritas Backup Exec Vulnerability H. Morrow Long (Jan 13)
- Re: Veritas Backup Exec Vulnerability Doug Pearson (Jan 13)
- Re: Veritas Backup Exec Vulnerability John Kowalczyk (Jan 13)
- Re: Veritas Backup Exec Vulnerability Brian Eckman (Jan 13)
- Re: Veritas Backup Exec Vulnerability Samuel Petreski (Jan 13)
- Re: Veritas Backup Exec Vulnerability Jordan Wiens (Jan 13)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)
- Re: Veritas Backup Exec Vulnerability Cam Beasley, ISO (Jan 18)
- Re: Veritas Backup Exec Vulnerability David Taylor (Jan 18)