Home  >  CVE-2004-1172
CVE Details for CVE: CVE-2004-1172
Summary
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
Timestamps
Last major update 11-07-2017 - 01:30
Published 10-01-2005 - 05:00
Last modified 11-07-2017 - 01:30
References
Vulnerable Configurations
  • cpe:2.3:a:symantec_veritas:backup_exec:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:8.5:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:8.6:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec_veritas:backup_exec:9.1:*:*:*:*:*:*:*
    cpe:2.3:a:symantec_veritas:backup_exec:9.1:*:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CWE
NVD-CWE-Other
CVSS
Base
10.0
Impact
10.0
Exploitability
10.0
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
CVSS3
None
VIA4 references
cvss-vector via4
AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 11974
cert-vn VU#907729
confirm
idefense 20041216 Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability
misc http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php
ntbugtraq 20050112 Veritas Backup Exec Name Service Remote Universal Exploit
secunia 13495
xf netbackup-agent-browser-bo(18506)
saint via4
bid 11974
description VERITAS Backup Exec Agent Browser hostname buffer overflow
id misc_backupexec
osvdb 12418
title backup_exec_agent_browser_hostname
type remote