CVE-2004-1172

Symantec Veritas Backup Exec - Buffer Overflow

Title source: rule

Description

Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16331

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by class101 · cremotewindows

https://www.exploit-db.com/exploits/750

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by hdm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/backupexec/name_service.rb

View Code ZIP pw:eip

References (10)

[Various Sources] http://seer.support.veritas.com/docs/273419.htm

[Various Sources] http://seer.support.veritas.com/docs/273420.htm

[Various Sources] http://seer.support.veritas.com/docs/273422.htm

[Various Sources] http://seer.support.veritas.com/docs/273850.htm

[Various Sources] http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php

[Various Sources] http://www.idefense.com/application/poi/display?id=169

[US Government Resource] http://www.kb.cert.org/vuls/id/907729

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/11974

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18506

[Third Party Advisory] http://secunia.com/advisories/13495/

Scores

EPSS 0.8222

EPSS Percentile 99.2%

Classification

Status draft

Affected Products (5)

symantec_veritas/backup_exec

Timeline

Published Jan 10, 2005

Tracked Since Feb 18, 2026