The flaw is due to a design error, the French Security Incident Response Team said in an alert. A component of the software can be accessed via a static password, according to FrSIRT, which rates the issue as "critical." An exploit for the flaw is available on the Internet, and that could aid attackers.
Affected are the backup servers for Veritas Backup Exec, media servers running the Veritas NetWare Media Server Option, and the system running the remote agents for Windows, Unix and Linux servers, Symantec said. The Remote Agent is used to trigger backup of data.
Symantec urges users of the affected products to apply the available fixes. As a temporary work-around, the vendor advises blocking external access to TCP port 10000, which is used by the flawed component.
This is the second serious security issue that has affected Veritas products in recent months. Data backup tools have become easy targets for attackers, the SANS Institute said in its most recent quarterly security update. Serious security vulnerabilities have also been disclosed in products from Computer Associates.
Join the conversation
Comment replyThe posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.
Apple says it's got a third-party group looking for issues at manufacturing partners it uses. Read CNET's FAQ to find out how we got here and what the next steps are.
NY professor believes that a word-based algorithm can help bring together those who believe, with one glimpse, that they have found and lost the love of their lives.
After a higher-than-expected fourth quarter, the video subscription service unburdens itself of a pending yearlong class action suit and settles for $9 million.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
This week, we pass around Sony's new PlayStation Vita for some hands-on testing, check out HP's newest Beats Audio laptop, and debate the best and worst Valentine's Day gadget gifts.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
Join the conversation