Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-09-20 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Symantec VERITAS Storage Exec DCOM Server BO's

Published: 2005-09-20
Last Updated: 2005-09-20 15:16:07 UTC
by Patrick Nolan (Version: 1)
0 comment(s)
Symantec has announced that "NGS Research identified multiple DCOM servers in VERITAS Storage Exec". There is no advisory posted at the NGS Research Advisory page as of this time. The Symantec Advisory says "Multiple VERITAS Storage Exec DCOM server components have been identified as susceptible to buffer overflows through calls to associated ActiveX controls." "Successful exploitation is highly dependent on user involvement for malicious code to gain initial access to the system."


 Affected Product
Version
 Build Storage Exec
5.3 Rev. 2190
 Storage Central
5.2 Rev. 322

Older versions may be affected as well.
Keywords:
0 comment(s)
Diary Archives