{ "id": "CVE-2005-2611", "sourceIdentifier": "cve@mitre.org", "published": "2005-08-17T04:00:00.000", "lastModified": "2017-07-11T01:32:54.737", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": true, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4019:*:*:*:*:*:*:*", "matchCriteriaId": "C24230F6-26C4-4A09-BEB0-BF4E5B8A83F9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4170:*:*:*:*:*:*:*", "matchCriteriaId": "A49730A7-4C5B-4130-A194-63BCB0C0DB62" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4172:*:*:*:*:*:*:*", "matchCriteriaId": "9247F741-16D7-40B3-9037-326270AE1A68" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4174:*:*:*:*:*:*:*", "matchCriteriaId": "BEBFD68D-E56E-4B95-AA70-CA2FC371AF2B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.0.4202:*:*:*:*:*:*:*", "matchCriteriaId": "44B5CC50-7D43-493F-8DD5-56807CFFB56C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.306:*:*:*:*:*:*:*", "matchCriteriaId": "2A59088D-B16C-4508-8594-4F9A66702914" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.307:*:*:*:*:*:*:*", "matchCriteriaId": "D6B20BEF-0D8F-412E-8AE3-9D660BF89C8C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1067_.2:*:*:*:*:*:*:*", "matchCriteriaId": "DA7C5BF9-5780-435D-9F42-5F2712A9C612" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1067_.3:*:*:*:*:*:*:*", "matchCriteriaId": "17278449-4647-418C-A43F-980EDCE47E0A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1127_.1:*:*:*:*:*:*:*", "matchCriteriaId": "A4EC8908-5A6E-4BE7-9AB6-A96E331392F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1151_.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BE7C8D6-CCFF-4C67-BD53-12519510A904" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1152:*:*:*:*:*:*:*", "matchCriteriaId": "86CD25F2-2F58-4468-9898-15CE0701BBA1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1152_.4:*:*:*:*:*:*:*", "matchCriteriaId": "7BB00211-2397-4444-B8E2-FD05344FE05A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1154:*:*:*:*:*:*:*", "matchCriteriaId": "58ED7E29-8BFA-460F-B2C9-651DF9D31D4F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:netware_servers_9.1.1156:*:*:*:*:*:*:*", "matchCriteriaId": "8DEFCF58-B287-4299-92FE-5077A52ADFA6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_8.6:*:*:*:*:*:*:*", "matchCriteriaId": "C6375C88-EF6D-44E5-8445-788FB8B8DCDD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C778849-F5FE-4C4D-BED3-B4E59D18E5B1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4367:*:*:*:*:*:*:*", "matchCriteriaId": "E034329F-003A-4A76-9146-8C3A216DEDD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4367_sp1:*:*:*:*:*:*:*", "matchCriteriaId": "724349E3-8152-4FF3-8617-6399B13B5332" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4454:*:*:*:*:*:*:*", "matchCriteriaId": "66BA959E-A95D-4828-9FE5-7A5D82627A5A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.0_rev._4454_sp1:*:*:*:*:*:*:*", "matchCriteriaId": "F02B3EF2-1327-4138-B8E1-BEFEAABC4066" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF573CC6-E3A5-49A0-9D64-C7D82EE87903" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1_rev._4691:*:*:*:*:*:*:*", "matchCriteriaId": "30AB7137-F41A-420F-9C01-FBB3E012CDFF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_9.1_rev._4691_sp2:*:*:*:*:*:*:*", "matchCriteriaId": "1FDD5FDA-B5D4-4C93-A83E-3B7A1B89F02D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5484:*:*:*:*:*:*:*", "matchCriteriaId": "11E65B29-5535-4818-ADF9-0E880AE152FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5484_sp1:*:*:*:*:*:*:*", "matchCriteriaId": "EBBC7B82-58F9-4D75-B910-5287B7FA3720" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec:windows_servers_10.0_rev._5520:*:*:*:*:*:*:*", "matchCriteriaId": "46AD7EE2-DA3A-4877-B29D-71650B255061" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:netware_server:*:*:*:*:*:*:*", "matchCriteriaId": "A4823F99-C0BA-43E1-AA7F-E35415D6C279" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:unix_linux_server:*:*:*:*:*:*:*", "matchCriteriaId": "19977C9B-BD6C-45A4-AB33-31C7BB00782D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:backup_exec_remote_agent:windows_server:*:*:*:*:*:*:*", "matchCriteriaId": "CEE4468B-241C-4F20-BC43-5A24F187014A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C5081924-EAEB-4BAC-A6A9-A23587654D6D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "7B4EC4ED-AD7A-4D07-B105-D8BC11267942" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "7C8A41C7-1AB9-443D-BB23-F31144DFAFD7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp3:*:*:*:*:*:*:*", "matchCriteriaId": "D0D5585D-CBC1-4209-A990-33DCE08BD10D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp4:*:*:*:*:*:*:*", "matchCriteriaId": "D927248C-CD93-4266-8018-06546BDE0F46" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp5:*:*:*:*:*:*:*", "matchCriteriaId": "5F4076FB-45BD-46B8-AAB7-B46EA7901C28" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp6:*:*:*:*:*:*:*", "matchCriteriaId": "E3593F48-41BF-44E2-B91C-BA2A895FB100" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp7:*:*:*:*:*:*:*", "matchCriteriaId": "616B1E3A-D14E-4C88-BA71-84C060A13A3D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_fp8:*:*:*:*:*:*:*", "matchCriteriaId": "F3F86FDE-00EF-4166-B079-E0E69DD90A61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp1:*:*:*:*:*:*:*", "matchCriteriaId": "3F6CE835-E847-4ED5-A8BC-1F5B363D057F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1CD6F4-BC8B-45DE-A978-1537E3A87689" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp3:*:*:*:*:*:*:*", "matchCriteriaId": "69CBF588-B9FB-463B-BEE2-AC6D841EE81D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp4:*:*:*:*:*:*:*", "matchCriteriaId": "F638B809-E7E7-49FD-8CFE-08595B287D83" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp5:*:*:*:*:*:*:*", "matchCriteriaId": "CBD1DB09-DCC8-43DA-A27F-5388716FF013" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp6:*:*:*:*:*:*:*", "matchCriteriaId": "242E0063-43B4-4ADD-AB51-E4491509F83B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp7:*:*:*:*:*:*:*", "matchCriteriaId": "951B5532-C019-4B80-94A8-61DE2D084589" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_4.5_mp8:*:*:*:*:*:*:*", "matchCriteriaId": "F658FB82-5BF8-437E-BABA-14FFCDE3332F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D5E1821-A0D8-42CC-B0EF-A4C7EAB6D173" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp1:*:*:*:*:*:*:*", "matchCriteriaId": "F04483F1-F206-4693-870F-84FFA310F6DE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp2:*:*:*:*:*:*:*", "matchCriteriaId": "3D342EB5-8DA1-4573-9EA3-210C94A883E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp3:*:*:*:*:*:*:*", "matchCriteriaId": "56E9E8E6-E6B9-42E4-BF40-8CC402A7AF05" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp4:*:*:*:*:*:*:*", "matchCriteriaId": "15F114D1-1D7B-41C3-A735-6F60C7B41460" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.0_mp5:*:*:*:*:*:*:*", "matchCriteriaId": "D74B8A14-1CD5-49C1-AF30-AE37796C9030" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE510737-B5FD-4B10-8062-AB90A57F3958" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp1:*:*:*:*:*:*:*", "matchCriteriaId": "AE1E8843-29A8-41EB-8689-C5E02791E8D4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp2:*:*:*:*:*:*:*", "matchCriteriaId": "CA48FEAB-AD82-4648-AC9E-B2C72AA27BAE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:symantec_veritas:netbackup:netware_media_servers_5.1_mp3:*:*:*:*:*:*:*", "matchCriteriaId": "BEB12220-726E-4B32-BEEF-63B2E450F4D7" } ] } ] } ], "references": [ { "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://securitytracker.com/id?1014662", "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ] }, { "url": "http://www.kb.cert.org/vuls/id/378957", "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ] }, { "url": "http://www.securityfocus.com/bid/14551", "source": "cve@mitre.org", "tags": [ "Exploit" ] }, { "url": "http://www.us-cert.gov/cas/techalerts/TA05-224A.html", "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ] }, { "url": "http://www.vupen.com/english/advisories/2005/1387", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21793", "source": "cve@mitre.org" } ] }