Symantec plugs vulnerabilities in NetBackup
PrintHoley night
Posted in Storage, 14th December 2006 14:41 GMT
Free whitepaper – Reliability analysis of the APC Symmetra MW Power System
Symantec says it has fixed vulnerabilities in its NetBackup storage software identified by TippingPoint.
A brace of good ol' buffer overflow problems hit the backup program, meaning "A remote attacker who successfully gains access to the targeted system can append commands to a valid command and potentially leverage this issue to run arbitary commands with elevated privilege on the targeted system."
Symantec says there are no known exploitations so far. Maintenance updates are now available to patch the holes. In a statement, the firm said: "Symantec takes the security of our products and our customers very seriously." You'd hope.
"Symantec engineers have verified and corrected these issues in all currently supported versions of NetBackup," the firm added.
An internal review recently identified other security quibbles in NetBackup, which Symantec was working on fixing when the two new ones were Tipping-Pointed out.
The fixes are available here. ®
Free whitepaper – Fundamental Principles of Generators for Information Technology
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
Seven ways to optimize VMware server virtualization
Dell PowerEdge R710 solution with VMware ESX vs. Dell PowerEdge 2850 solution
Enabling The Agile Data Center
OpenOffice.org pushes gamers' buttons with OOMouse
Windows 7 kills two thirds of active Vista initiatives
Big Iron, big data, big networks, big problems
HP scores SMB storage hat-trick