Symantec patches NetBackup bug

Symantec on Wednesday patched a vulnerability in its Veritas NetBackup PureDisk application that left unfixed could let attackers worm their way into systems and gain control over the machines.

The bug, which Danish vulnerability tracker Secunia pegged as "moderately critical," was found during an internal security code review, Symantec said in an alert posted on its support site.

Although NetBackup PureDisk's management console is by default accessible only through an SSL connection, it was possible for an unauthorised users to bypass the authentication scheme and elevate their access rights to wrest complete control of the server. Symantec patches NetBackup bug - Security -

Linked by shanmuga Saturday, 19th August 2006 7:43AM