The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability bulletin CVE-2017-6399 CVE-2017-6400 CVE-2017-6401

Veritas NetBackup: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Veritas NetBackup.
Impacted systems: NetBackup.
Severity of this alert: 3/4.
Consequences of an intrusion: privileged access/rights, denial of service on service.
Pirate's origin: intranet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 01/03/2017.
Références of this alert: CVE-2017-6399, CVE-2017-6400, CVE-2017-6401, CVE-2017-6402, CVE-2017-6403, CVE-2017-6404, CVE-2017-6405, CVE-2017-6406, CVE-2017-6407, CVE-2017-6408, CVE-2017-6409, VIGILANCE-VUL-21983, VTS17-003.

Description of the vulnerability

Several vulnerabilities were announced in Veritas NetBackup.

A local attacker can start an arbitrary command with administrator privileges. [severity:3/4; CVE-2017-6407]

A local attacker can start an arbitrary command with administrator privileges. [severity:3/4; CVE-2017-6400]

An authenticated attacker can trigger a denial of service against the server. [severity:2/4; CVE-2017-6402]

A local attacker can run an arbitrary command on the client hosts with administrator privileges. [severity:3/4; CVE-2017-6399]

An attacker can submit commands with paths including "../", in order to run arbitrary command with hight privileges. [severity:3/4; CVE-2017-6406]

A local attacker can use bpcd and bpnbat to run an arbitrary command with administrator privileges. [severity:3/4; CVE-2017-6401]

An attacker who controls the DNS server can tamper with hostnames, in order to raise its privileges. [severity:2/4; CVE-2017-6405]

A local attacker can acess to the pbx_exchange socket unexpectedly early, in order to escalate his privileges. [severity:2/4; CVE-2017-6408]

An attacker can tamper with log files, as their access rights are wrong. [severity:2/4; CVE-2017-6404]

An attacker can use hard coded well known username and password to spoof NetBackup Cloud Storage Service. [severity:2/4; CVE-2017-6403]

An attacker can make profit of lack of authentication on access to a CORBA interface to escalate his privileges. [severity:2/4; CVE-2017-6409]
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides application vulnerability alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.