CVE-2005-0771

VERITAS Backup Exec Server <10.0 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0771. PoCs published by hdm, including Metasploit module auxiliary/admin/backupexec/registry.

AI-analyzed exploit summary This Metasploit module exploits a remote registry access flaw in Veritas Backup Exec Server via DCERPC to read/write registry keys. It supports actions like dumping system info or creating a logon notice.

Description

VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.

Exploits (1)

metasploit WORKING POC
by hdm · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/backupexec/registry.rb

This Metasploit module exploits a remote registry access flaw in Veritas Backup Exec Server via DCERPC to read/write registry keys. It supports actions like dumping system info or creating a logon notice.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Veritas Backup Exec Server (CVE-2005-0771)
No auth needed
Prerequisites: Network access to port 6106
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA05-180A.html
Patch vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1014273
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/584505
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/15789
Patch, Vendor Advisory x_refsource_confirm
http://seer.support.veritas.com/docs/276605.htm

Scores

EPSS 0.8137
EPSS Percentile 99.2%

Details

Status published
Products (4)
symantec_veritas/backup_exec 9.0_rev.4367
symantec_veritas/backup_exec 9.0_rev.4454
symantec_veritas/backup_exec 9.1_rev.4691
symantec_veritas/backup_exec 10.0_rev.5484
Published Jun 23, 2005
Tracked Since Feb 18, 2026