Feeds

Symantec plugs vulnerabilities in NetBackup

Holey night

Providing a secure and efficient Helpdesk

Symantec says it has fixed vulnerabilities in its NetBackup storage software identified by TippingPoint.

A brace of good ol' buffer overflow problems hit the backup program, meaning "A remote attacker who successfully gains access to the targeted system can append commands to a valid command and potentially leverage this issue to run arbitary commands with elevated privilege on the targeted system."

Symantec says there are no known exploitations so far. Maintenance updates are now available to patch the holes. In a statement, the firm said: "Symantec takes the security of our products and our customers very seriously." You'd hope.

"Symantec engineers have verified and corrected these issues in all currently supported versions of NetBackup," the firm added.

An internal review recently identified other security quibbles in NetBackup, which Symantec was working on fixing when the two new ones were Tipping-Pointed out.

The fixes are available here. ®

Providing a secure and efficient Helpdesk

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.