November 29, 2006 8:25 AM PST

Symantec issues patch for flaw in backup software

By Dawn Kawamoto
Staff Writer, CNET News.com

Related Stories

Veritas issues patch for NetBackup flaw

 October 13, 2005

Another flaw hits Veritas backup tools

 August 15, 2005

What's key to early days of Symantec-Veritas

 July 1, 2005

Security specialist Symantec issued a critical update on Tuesday for its Veritas NetBackup 6.0 PureDisk Remote Office Edition, whose vulnerabilities could allow attackers to gain remote control over a user's system.

Symantec issued the security update to address buffer overflow vulnerabilities found in the HTML-embedded scripting language PHP, which is used in its PureDisk software, according to Symantec's security advisory.

Symantec encountered similar buffer overflow vulnerabilities with its NetBackup software earlier this year. The concerns surrounding that problem were compounded when a security organization publicly released computer code that could exploit the flaws.

In this latest case with PureDisk, however, Symantec says it is not aware of any publicly available exploit code.

Add a Comment (Log in or register) 5 comments
Not Symantec's only problem
by law_hog November 29, 2006 9:51 AM PST
As an IT professional, I'm tired of cleaning PC's that are "protected" by Norton branded products.

Viruses and serious spyware seem to operate with ostensible immunity under the nose of the products that users imagine is protecting them. I fouind one piece of spyware that was actually able to disable Norton completely.

Symantec has more than a backup flaw to deal with.
Reply to this comment View reply
At least they're starting to learn
by wbenton December 3, 2006 7:43 AM PST
They've successfully weaned themselves from Microsoft as they're not waiting for Patch Tuesday to patch. (* GRIN *)

Walt
Reply to this comment
Veritas customers abandoning Symantec
by SamMapson December 6, 2006 1:07 PM PST
Many Veritas customers, like myself, are fed up with Symantec. Previous support from Veritas was decent. Now under Symantec, it is totally impossible to get support. A sna-fu in the licensing process in BackupExec 11d has caused a flood of calls into their support lines.

I tried twice to call their 800 number and was disconnected both times after a 40 minute wait. The line is now unreachable and you get a busy tone. An open ticket on their customercare support site has been unanswered/unassigned for over 2 weeks.

Their support forums are filled to dissatisfied customers like this one http://forums.symantec.com/discussions/thread.jspa?threadID=69331&tstart=0

I am also abandoning Symantec and going to EMC/Dantz/Retrospect. I called them and got a solution within a minute.
Reply to this comment
Powered by Jive Software
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News.com to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
Dell
PlayStation 3
Wii
Windows Vista
CNET sites
CNET TV
Downloads
Forums
News
Reviews
Site map
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET