CVE-2005-2611
VERITAS Backup Exec - Info Disclosure
Title source: llmDescription
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · remotewindows
https://www.exploit-db.com/exploits/1147
metasploit
WORKING POC
by hdm, Unknown · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/backupexec/dump.rb
References (8)
Scores
EPSS
0.7963
EPSS Percentile
99.1%
Details
Status
published
Products (50)
symantec_veritas/backup_exec
netware_servers_9.0.4019
symantec_veritas/backup_exec
netware_servers_9.0.4170
symantec_veritas/backup_exec
netware_servers_9.0.4172
symantec_veritas/backup_exec
netware_servers_9.0.4174
symantec_veritas/backup_exec
netware_servers_9.0.4202
symantec_veritas/backup_exec
netware_servers_9.1.306
symantec_veritas/backup_exec
netware_servers_9.1.307
symantec_veritas/backup_exec
netware_servers_9.1.1067_.2
symantec_veritas/backup_exec
netware_servers_9.1.1067_.3
symantec_veritas/backup_exec
netware_servers_9.1.1127_.1
... and 40 more
Published
Aug 17, 2005
Tracked Since
Feb 18, 2026