CVE-2007-4347

Symantec Backup Exec for Windows Servers <11.0.7170-11.0.6.6235 - DoS

Title source: llm

Description

Multiple integer overflows in the Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allow remote attackers to cause a denial of service (CPU and memory consumption) via a crafted packet to port 5633/tcp, which triggers an infinite loop.

References (9)

Core 9

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/38677

Patch third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26975

Patch x_refsource_confirm

http://securityresponse.symantec.com/avcenter/security/Content/2007.11.27.html

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/484318/100/0/threaded

Vendor Advisory x_refsource_misc

http://secunia.com/secunia_research/2007-74/advisory/

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/26029

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/484333/100/0/threaded

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/4019

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1019001

Scores

EPSS 0.0135

EPSS Percentile 80.3%

Details

CWE

CWE-189

Status published

Products (2)

symantec/backupexec_system_recovery 11.0.6235

symantec/backupexec_system_recovery 11.0.7170

Published Nov 29, 2007

Tracked Since Feb 18, 2026