Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.SYMANTEC_BACKUP_EXEC_SERVER_SYM13-009.NASL
HistoryAug 08, 2013 - 12:00 a.m.

Symantec Backup Exec Server Multiple Vulnerabilities (SYM13-009)

2013-08-0800:00:00
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
www.tenable.com
49

CVSS2

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.853

Percentile

98.6%

JSON

According to its version number, the Symantec Backup Exec Server installed on the remote Windows host is affected by multiple vulnerabilities :

  • Multiple cross-site scripting vulnerabilities exist in the management console and the beutility console.
    (CVE-2013-4676)

  • Backup and restore data files are stored with weak ACLs, allowing read/write access to everyone. (CVE-2013-4677)

  • The NMDP protocol leaks host versioning information.
    (CVE-2013-4678)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(69263);
  script_version("1.8");
  script_cvs_date("Date: 2018/11/15 20:50:28");

  script_cve_id("CVE-2013-4676", "CVE-2013-4677", "CVE-2013-4678");
  script_bugtraq_id(61486, 61487, 61488);
  script_xref(name:"IAVA", value:"2013-A-0156");

  script_name(english:"Symantec Backup Exec Server Multiple Vulnerabilities (SYM13-009)");
  script_summary(english:"Checks the version of beserver.exe");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a backup server that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its version number, the Symantec Backup Exec Server
installed on the remote Windows host is affected by multiple
vulnerabilities :

  - Multiple cross-site scripting vulnerabilities exist in
    the management console and the beutility console.
    (CVE-2013-4676)

  - Backup and restore data files are stored with weak ACLs,
    allowing read/write access to everyone. (CVE-2013-4677)

  - The NMDP protocol leaks host versioning information.
    (CVE-2013-4678)");
  # https://support.symantec.com/en_US/article.SYMSA1277.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?745c207e");
  script_set_attribute(attribute:"solution", value:"Upgrade to Symantec Backup Exec 2010 R3 SP3, 2012 SP2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/08/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:symantec:veritas_backup_exec");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");

  script_dependencies("symantec_backup_exec_server_installed.nasl");
  script_require_keys("SMB/Symantec_Backup_Exec_Server/version");

  exit(0);
}

include('global_settings.inc');
include('misc_func.inc');
include("audit.inc");

version = get_kb_item_or_exit('SMB/Symantec_Backup_Exec_Server/version');
path = get_kb_item_or_exit('SMB/Symantec_Backup_Exec_Server/path');

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

fix = '';
if (ver[0] == 13 && ver_compare(ver:version, fix:'13.0.5204.1225') < 0) fix = '13.0.5204.1225 (2010 R3 SP3)';
else if (ver[0] == 14 && ver_compare(ver:version, fix:'14.0.1798.1244') < 0) fix = '14.0.1798.1244 (2012 SP2)';

if (fix)
{
  set_kb_item(name:"www/0/XSS", value:TRUE);
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix + '\n';
    security_warning(port:get_kb_item('SMB/transport'), extra:report);
  }
  else security_warning(port:get_kb_item('SMB/transport'));
  exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, 'Symantec Backup Exec Server', version, path);

Related

kaspersky 1
cvelist 3
cve 3
prion 3
nvd 3
kaspersky
kaspersky
KLA10351 Multiple vulnerabilities in Symantec Backup Exec
2013-08-05 00:00:00
cvelist
cvelist
CVE-2013-4676
2013-08-04 20:00:00
CVE-2013-4678
2013-08-04 20:00:00
CVE-2013-4677
2013-08-04 20:00:00
cve
cve
CVE-2013-4676
2013-08-05 13:22:52
CVE-2013-4677
2013-08-05 13:22:52
CVE-2013-4678
2013-08-05 13:22:52
prion
prion
Design/Logic Flaw
2013-08-05 13:22:00
Information disclosure
2013-08-05 13:22:00
Cross site scripting
2013-08-05 13:22:00
nvd
nvd
CVE-2013-4678
2013-08-05 13:22:52
CVE-2013-4677
2013-08-05 13:22:52
CVE-2013-4676
2013-08-05 13:22:52

CVSS2

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

EPSS

0.853

Percentile

98.6%

JSON
Related for SYMANTEC_BACKUP_EXEC_SERVER_SYM13-009.NASL
kaspersky1cvelist3cve3prion3nvd3