[Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!
2005-10-12 15:21:09
Subject: |
[Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)! |
From: |
scb4 AT georgetown DOT edu (Steve Beuttel) |
Date: |
Wed, 12 Oct 2005 15:21:09 -0400 |
If you try remote mangement via jnbSA, you won't be able to authenticate
with that
port blocked. Tcp Wrappers will restrict login source IP/ranges and log
all attempts.
If you're not going to use it, then it's not a problem that you can't
authenticate
from the GUI due to blocking the port.
-Steve-
~~~~
Mark.Donaldson AT cexp DOT com wrote:
>Sorry, can you detail? I'm anti-GUI and therefore not very familiar with
>what you're saying.
>
>-M
>
>-----Original Message-----
>From: veritas-bu-admin AT mailman.eng.auburn DOT edu
>[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu]On Behalf Of Steve
>Beuttel
>Sent: Wednesday, October 12, 2005 11:28 AM
>To: Mark.Donaldson AT cexp DOT com
>Cc: veritas-bu AT mailman.eng.auburn DOT edu
>Subject: Re: [Veritas-bu] NetBackup (possible root) Exploit
>(4.5,5.0,5.1, 6.0)!
>
>
>You lose GUI auth. tcpwrappers is a quick stop, until you can patch, if
>you want to use the GUI.
>
>-Steve-
>~~~~~
>
>
>Mark.Donaldson AT cexp DOT com wrote:
>
>
>
>>What's the penalty for just disabling the port in the /etc/services or
>>/etc/inetd.conf files?
>>
>>-----Original Message-----
>>From: Piszcz, Justin [mailto:jpiszcz AT servervault DOT com]
>>Sent: 12 October 2005 12:12
>>To: veritas-bu AT mailman.eng.auburn DOT edu
>>Subject: [Veritas-bu] NetBackup (possible root) Exploit
>>(4.5,5.0,5.1,6.0)!
>>
>>Better get patching! J
>>
>>Dear Valued Symantec Customer,
>>
>>This is to inform you that Symantec Enterprise Technical Support has
>>just issued a security alert. This is a critical technical issue for:
>>
>>VERITAS NetBackup (tm) DataCenter 4.5 - including all present
>>Maintenance Packs and Feature Packs
>>
>>VERITAS NetBackup (tm) BusinesServer 4.5 - including all present
>>Maintenance Packs and Feature Packs
>>
>>VERITAS NetBackup (tm) Enterprise Server 5.0, 5.1, and 6.0 - including
>>all present Maintenance Packs for each version
>>
>>VERITAS NetBackup (tm) Server 5.0, 5.1, and 6.0 - including all present
>>Maintenance Packs for each version
>>
>>For a detailed description of this issue and our recommendations, please
>>review the following reference document:
>>
>>http://support.veritas.com/docs/279085
>>
>>This email is for the intended addressee only.
>>If you have received it in error then you must not use, retain,
>>disseminate or otherwise deal with it.
>>Please notify the sender by return email.
>>The views of the author may not necessarily constitute the views of
>>EADS Astrium Limited.
>>Nothing in this email shall bind EADS Astrium Limited in any contract
>>or obligation.
>>
>>EADS Astrium Limited, Registered in England and Wales No. 2449259
>>Registered Office: Gunnels Wood Road, Stevenage, Hertfordshire, SG1
>>2AS, England
>>
>>
>>This email is for the intended addressee only.
>>If you have received it in error then you must not use, retain,
>>disseminate or otherwise deal with it.
>>Please notify the sender by return email.
>>The views of the author may not necessarily constitute the views of
>>EADS Astrium Limited.
>>Nothing in this email shall bind EADS Astrium Limited in any contract
>>or obligation.
>>
>>EADS Astrium Limited, Registered in England and Wales No. 2449259
>>Registered Office: Gunnels Wood Road, Stevenage, Hertfordshire, SG1
>>2AS, England
>>
>>
>>
>_______________________________________________
>Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
>http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
>_______________________________________________
>Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
>http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
>
>
>
|
<Prev in Thread] |
Current Thread |
[Next in Thread> |
- [Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!, WEAVER, Simon
- [Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!, Mark.Donaldson AT cexp DOT com
- [Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!, Mark.Donaldson AT cexp DOT com
- [Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!,
Steve Beuttel <=
|
Previous by Date: |
[Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!, Mark.Donaldson AT cexp DOT com |
Next by Date: |
[Veritas-bu] Links / Resources Netbackup 4.x and 5.x, Simon Weaver |
Previous by Thread: |
[Veritas-bu] NetBackup (possible root) Exploit (4.5,5.0,5.1, 6.0)!, Mark.Donaldson AT cexp DOT com |
Next by Thread: |
[Veritas-bu] Start up scripts for RHEL3, John Kennedy |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|