SB2013080502 - Multiple vulnerabilities in Backup Exec
Published: August 5, 2013 Updated: August 11, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2013-4575)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2. A remote attacker can use unspecified vectors. to trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Cross-site scripting (CVE-ID: CVE-2013-4676)
Vulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 when processing vectors involving a (1) custom-reports generation page, (2) Storage Devices creation page, or (3) jobs creation page in the management console; or (4) a Backup Exec server-management page in the beutility console. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-4677)
The vulnerability allows a local #AU# to read and manipulate data.
Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
4) Information disclosure (CVE-ID: CVE-2013-4678)
The vulnerability allows a remote #AU# to gain access to sensitive information.
The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://osvdb.org/95938
- http://www.securityfocus.com/bid/61485
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_00
- http://osvdb.org/95941
- http://osvdb.org/95942
- http://www.securityfocus.com/bid/61486
- http://osvdb.org/95939
- http://www.securityfocus.com/bid/61487
- http://www.securityfocus.com/bid/61488