12 August 2005

VERITAS Backup Exec Uses Hard-Coded Authentication Credentials

An attacker with knowledge of these credentials and access to the Remote Agent may be able to retrieve arbitrary files from a vulnerable system. The Remote Agent runs with SYSTEM privileges.

Exploit code, including the credentials, is publicly available. US-CERT has also seen reports of increased scanning activity on port 10000/tcp. This increase may be caused by attempts to locate vulnerable systems.

US-CERT is tracking this vulnerability as VU#378957.

Please note that VERITAS has recently merged with Symantec.

Read the full US-CERT Technical Cyber Security Alert TA05-224A

No comments: