{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1016683", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016683"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://seer.entsupport.symantec.com/docs/284623.htm"}, {"name": "backupexec-rpc-interface-bo(28336)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28336"}, {"name": "20060811 (Security Advisory) SYM06-014 Symantec Backup Exec Internal RPC Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/443037/100/0/threaded"}, {"name": "VU#647796", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/647796"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html"}, {"name": "1380", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1380"}, {"name": "ADV-2006-3266", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3266"}, {"name": "19479", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19479"}, {"name": "21472", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21472"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4128", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1016683", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016683"}, {"name": "http://seer.entsupport.symantec.com/docs/284623.htm", "refsource": "CONFIRM", "url": "http://seer.entsupport.symantec.com/docs/284623.htm"}, {"name": "backupexec-rpc-interface-bo(28336)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28336"}, {"name": "20060811 (Security Advisory) SYM06-014 Symantec Backup Exec Internal RPC Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/443037/100/0/threaded"}, {"name": "VU#647796", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/647796"}, {"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html", "refsource": "CONFIRM", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html"}, {"name": "1380", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1380"}, {"name": "ADV-2006-3266", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3266"}, {"name": "19479", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19479"}, {"name": "21472", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21472"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:57:46.261Z"}, "title": "CVE Program Container", "references": [{"name": "1016683", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016683"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://seer.entsupport.symantec.com/docs/284623.htm"}, {"name": "backupexec-rpc-interface-bo(28336)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28336"}, {"name": "20060811 (Security Advisory) SYM06-014 Symantec Backup Exec Internal RPC Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/443037/100/0/threaded"}, {"name": "VU#647796", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/647796"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html"}, {"name": "1380", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1380"}, {"name": "ADV-2006-3266", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3266"}, {"name": "19479", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/19479"}, {"name": "21472", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21472"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4128", "datePublished": "2006-08-14T23:00:00", "dateReserved": "2006-08-14T00:00:00", "dateUpdated": "2024-08-07T18:57:46.261Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:9.1:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "E11FD33B-E9E1-4C1D-A3C2-622A99637B3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:9.1_build9.1.4691:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "0113460A-3653-471F-8CBC-DADDB8019424", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:9.2:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "F0FE14BC-EC55-41D8-A3B2-01E5D713C537", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.0:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "4D552062-F18D-4800-9618-C1A5F967F7C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.0_build10.0.5484:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "398B0C1C-3969-4664-A175-AF149DE701BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.0_build10.0.5520:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "CA98695D-2217-419A-8CEA-8EE30FEF6A95", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "D1C409F7-A4AA-4693-AFB2-8DCA9E9AB928", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1.325.6301:*:*:*:*:*:*:*", "matchCriteriaId": "62FDC7A0-1BDF-4BE6-ACC0-9508092A07C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1.326.1401:*:*:*:*:*:*:*", "matchCriteriaId": "8B46764B-6B34-414D-AD39-61A0C645F940", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1.326.2501:*:*:*:*:*:*:*", "matchCriteriaId": "08E7CF0C-3200-4976-B57B-91BDB8F50C47", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1.326.3301:*:*:*:*:*:*:*", "matchCriteriaId": "4F47DBE4-186F-4064-8FEF-FA36050B2074", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1.327.401:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC413A-B3BA-4AD4-9BD4-0BFC4355451E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec_veritas:backup_exec:10.1_build10.1.5629:*:windows_server_remote_agent:*:*:*:*:*", "matchCriteriaId": "5CAE4CB5-9716-4C34-A7F2-BA8133ECBA38", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message."}, {"lang": "es", "value": "M\u00faliples desbordamientos de b\u00fafer en Symantec VERITAS Backup Exec para Netware Server Remote Agent para Windows Server 9.1 y 9.2 (todas las construcciones), Backup Exec Continuous Protection Server Remote Agent para Windows Server 10.1 (10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, y 10.1.327.401), y Backup Exec para Windows Server y Remote Agent 9.1 (9.1.4691), 10.0 (10.0.5484 y 10.0.5520), y 10.1 (10.1.5629) permite a un atacante remoto provocar denegaci\u00f3n de servicio (caida de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de mensajes RPC manipulados."}], "id": "CVE-2006-4128", "lastModified": "2018-10-17T21:33:32.647", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-14T23:04:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21472"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1380"}, {"source": "cve@mitre.org", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016683"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://seer.entsupport.symantec.com/docs/284623.htm"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/647796"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/443037/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/19479"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3266"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28336"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}