Added: 12/04/2005
CVE: CVE-2005-3116
BID: 15353
OSVDB: 20674
VERITAS NetBackup is a backup and recovery solution for multiple platforms.
The Volume Manager Daemon (VMD) contains an error in a shared library that allows a buffer overflow. A specially crafted request sent to port 13701/tcp on a NetBackup server or client could result in command execution with root or system privileges.
Apply the patch referenced in Symantec advisory 05-024.
[http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336&type=vulnerabilities](http://www.idefense.com/intelligence/vulnerabilities/display.php?id=336&type=vulnerabilities)
The exploit works on VERITAS NetBackup Server 5.1. Because the buffer is small, the target must be able to connect back to the attack host to retrieve the shellcode.
Windows
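
The connect-back requirement noted above gives defenders something to look for in flow logs: a connection to 13701/tcp from a host that is not a known backup server, followed shortly by the VMD host opening a connection to that same peer. The following is an added example, not code from the advisory or the vendor; the flow record format, the addresses, the allowlist of backup servers and the 60-second window are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

VMD_PORT = 13701  # vmd port named in the advisory

# Constructed sample flow records: "ISO-time src_ip src_port dst_ip dst_port"
SAMPLE_FLOWS = """\
2005-12-04T10:00:00 10.0.0.5 40112 10.0.0.20 13701
2005-12-04T10:00:30 10.0.0.20 1055 10.0.0.5 5000
2005-12-04T10:05:00 192.0.2.77 51515 10.0.0.20 13701
2005-12-04T10:05:04 10.0.0.20 1060 192.0.2.77 8080
2005-12-04T10:20:00 192.0.2.99 40000 10.0.0.21 13701
2005-12-04T11:30:00 10.0.0.21 1070 192.0.2.99 443
"""

def parse_flows(text):
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records
        ts, src, sport, dst, dport = parts
        flows.append((datetime.fromisoformat(ts), src, int(sport), dst, int(dport)))
    return sorted(flows)

def find_vmd_alerts(flows, backup_servers, window_s=60):
    """Flag vmd connections from unexpected peers, and escalate when the
    vmd host then opens a connection back to that same peer."""
    alerts = []
    for ts, src, _, dst, dport in flows:
        if dport != VMD_PORT or src in backup_servers:
            continue  # not vmd traffic, or an expected backup server (assumed allowlist)
        limit = ts + timedelta(seconds=window_s)
        callback = next(
            (f for f in flows
             if ts <= f[0] <= limit and f[1] == dst and f[3] == src),
            None)
        alerts.append({
            "time": ts.isoformat(),
            "peer": src,
            "vmd_host": dst,
            "severity": "high" if callback else "medium",
            "callback_port": callback[4] if callback else None,
        })
    return alerts

if __name__ == "__main__":
    for a in find_vmd_alerts(parse_flows(SAMPLE_FLOWS), {"10.0.0.5"}):
        print(a)
```

Restricting 13701/tcp to known backup servers at the firewall and blocking outbound connections from NetBackup hosts to arbitrary peers removes both halves of the pattern this check looks for.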