[Veritas-bu] qualys vulnerability

Subject: [Veritas-bu] qualys vulnerability
From: JMARTI05 at intersil.com (Martin, Jonathan (Contractor))
Date: Wed, 28 Feb 2007 13:54:10 -0500
Is the software saying the problem still exists because it doesn't see
the new NBU version, or because it is exploiting the code vulnerability?

 
Call me crazy but..... If their software says you have a problem, but
can't prove it then short of running the exploit yourself (which IMO is
a major waste of time) then the NBU documentation should suffice.  If
their software is in fact exploiting that problem and you are running a
future release then someone needs to inform Symantec.  I find the latter
unlikely... 
 
Stupid politics...
 
-Jonathan

________________________________

From: veritas-bu-bounces at mailman.eng.auburn.edu
[mailto:veritas-bu-bounces at mailman.eng.auburn.edu] On Behalf Of Bob
Stump
Sent: Wednesday, February 28, 2007 1:14 PM
To: veritas-bu at mailman.eng.auburn.edu
Subject: [Veritas-bu] qualys vulnerability



There is scanning software provided by "Qualys" that has a problem but
they REFUSE to fix their scanning software. The scanning software
reports the vulnerability discussed in this notice but fails to report
that the proper MP was applied to resolve the vulnerability. This is
what our security group calls a "false positive".  They then require
that paperwork be submitted to negate the "false positive".  I think
the scanning software should be fixed to NOT report a vulnerability, if
the proper resolution has already been applied. Am I wrong?
 
Here is the initial Symantec resolution:
A vulnerability has recently been discovered, which affects the
bpjava-msvc logon process within VERITAS NetBackup (tm) 4.5, 5.0, 5.1,
and 6.0 (including maintenance and feature packs). This vulnerability
could potentially allow remote malicious users to execute arbitrary
code.
http://support.veritas.com/docs/279085
 
The above resolution IS INCLUDED in subsequent maintenance packs.
 
BTW: I asked our security group to contact the source and get it fixed
but they said they had no confidence that the resolution from Symantec
is adequate.
Here is their website:
http://www.qualys.com/products/overview/
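To make Jonathan's question concrete (does the scanner look at the version, or actually probe the flaw?), here is an added Python example, not from the thread or from Qualys/Symantec, contrasting a version-only check that flags every affected base release regardless of maintenance pack with one that accounts for the MP level. The "5.1MP4"-style banner format and the MP levels at which the fix ships are assumptions; the real fix levels are in the Symantec document linked above.

```python
import re
from typing import NamedTuple


class NbuVersion(NamedTuple):
    major: int
    minor: int
    mp: int  # maintenance pack level, 0 when no MP suffix is present


def parse_version(text: str) -> NbuVersion:
    """Parse a NetBackup-style banner such as '5.1MP4' or '6.0'.
    The banner format is an assumption for this example, not from the thread."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:MP(\d+))?\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return NbuVersion(int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


# Affected base releases named in the Symantec notice quoted in the thread.
AFFECTED_BASES = {(4, 5), (5, 0), (5, 1), (6, 0)}

# CONSTRUCTED placeholder: the MP level at which each base release carries the
# fix. The thread does not state these; take the real values from doc 279085.
FIXED_IN_MP = {(4, 5): 9, (5, 0): 9, (5, 1): 9, (6, 0): 9}


def naive_check(banner: str) -> bool:
    """Version-only check: flags any affected base release and ignores the MP.
    This is the behaviour that produces the false positive Bob describes."""
    v = parse_version(banner)
    return (v.major, v.minor) in AFFECTED_BASES


def mp_aware_check(banner: str) -> bool:
    """Flags only hosts whose MP level is below the level carrying the fix."""
    v = parse_version(banner)
    base = (v.major, v.minor)
    if base not in AFFECTED_BASES:
        return False
    return v.mp < FIXED_IN_MP[base]


def triage(banner: str) -> str:
    """Classify a scanner finding for the security team's review."""
    naive, aware = naive_check(banner), mp_aware_check(banner)
    if naive and not aware:
        return "false positive (fix MP applied)"
    return "vulnerable" if aware else "not affected"


if __name__ == "__main__":
    for banner in ("5.1", "5.1MP9", "6.0MP3", "6.5"):  # constructed sample banners
        print(f"{banner:8} naive={naive_check(banner)!s:5} "
              f"mp_aware={mp_aware_check(banner)!s:5} -> {triage(banner)}")
```

A host reporting an affected base release at or above the fix MP is exactly the case a version-only check flags and an MP-aware check clears.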