Symantec patched the flaw in Backup Exec application

Over the weekend, Symantec detailed a flaw in its Backup Exec storage solution, which allowed remote attackers to take over the entire system, and gain unauthorized access and data. Sensitive storage on enterprise networks.

Symantec confirmed the vulnerability affects the 9.1 and 9.2 Symantec Backup Exec versions for NetWare Servers and Windows Servers.

Symantec issued a bug fix for the vulnerability in NetWare, and is studying reports that the vulnerability also affects the Backup Exec application for Windows Servers and Backup Exec Continuous Protection Server (CPS) Remote Agent and Backup Exec Remote Agents.

The Backup Exec application's vulnerability affects the Remote Execute Protocol (RPC), which allows remote attackers to send malicious code to the application and hijack the target system. Even if these tasks cannot be performed, the RPC vulnerability can still cause a DoS attack.

In August 2005, Symantec also patched a vulnerability in the Backup Exec application for Windows and NetWare, which allowed hackers to fake passwords during the identification process between the server and agent (agent), granting access rights. access the files stored on the server.