CVE-2009-0651 - OpenCVE

Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to "initial communications setup."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Veritas Netbackup Server \/enterprise Server

Configuration 1 [-]

OR	cpe:2.3:a:symantec:veritas_netbackup_server_\/enterprise_server::::::::
	cpe:2.3:a:symantec:veritas_netbackup_server_\/enterprise_server::::::::
	cpe:2.3:a:symantec:veritas_netbackup_server_\/enterprise_server::::::::
	cpe:2.3:a:symantec:veritas_netbackup_server_\/enterprise_server:5.1:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_server_\/enterprise_server:6.0:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_server_\/enterprise_server:6.5:::::::*

No data.

References

Link	Providers
http://osvdb.org/52269
http://secunia.com/advisories/33953
http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html
http://seer.entsupport.symantec.com/docs/317828.htm
http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1
http://www.securityfocus.com/bid/33772
http://www.securitytracker.com/id?1021734
http://www.vupen.com/english/advisories/2009/0461
http://www.vupen.com/english/advisories/2009/1097
https://exchange.xforce.ibmcloud.com/vulnerabilities/48795

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-02-20T18:00:00

Updated: 2024-08-07T04:40:05.114Z

Reserved: 2009-02-20T00:00:00

Link: CVE-2009-0651

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-02-20T18:30:00.500

Modified: 2017-08-17T01:29:57.537

Link: CVE-2009-0651

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-02-17T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to \"initial communications setup.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "veritas-netbackup-vnetd-privilege-escalation(48795)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48795"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html"}, {"name": "ADV-2009-1097", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1097"}, {"name": "1021734", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021734"}, {"name": "33772", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33772"}, {"name": "253287", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1"}, {"name": "ADV-2009-0461", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0461"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://seer.entsupport.symantec.com/docs/317828.htm"}, {"name": "52269", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/52269"}, {"name": "33953", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33953"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0651", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to \"initial communications setup.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "veritas-netbackup-vnetd-privilege-escalation(48795)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48795"}, {"name": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html", "refsource": "CONFIRM", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html"}, {"name": "ADV-2009-1097", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1097"}, {"name": "1021734", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021734"}, {"name": "33772", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33772"}, {"name": "253287", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1"}, {"name": "ADV-2009-0461", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0461"}, {"name": "http://seer.entsupport.symantec.com/docs/317828.htm", "refsource": "CONFIRM", "url": "http://seer.entsupport.symantec.com/docs/317828.htm"}, {"name": "52269", "refsource": "OSVDB", "url": "http://osvdb.org/52269"}, {"name": "33953", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33953"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:40:05.114Z"}, "title": "CVE Program Container", "references": [{"name": "veritas-netbackup-vnetd-privilege-escalation(48795)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48795"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html"}, {"name": "ADV-2009-1097", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1097"}, {"name": "1021734", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021734"}, {"name": "33772", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33772"}, {"name": "253287", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1"}, {"name": "ADV-2009-0461", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0461"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://seer.entsupport.symantec.com/docs/317828.htm"}, {"name": "52269", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/52269"}, {"name": "33953", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33953"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0651", "datePublished": "2009-02-20T18:00:00", "dateReserved": "2009-02-20T00:00:00", "dateUpdated": "2024-08-07T04:40:05.114Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server_\\/enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "14E0B342-8B4E-4E5F-842D-920C4548F20F", "versionEndIncluding": "5.1mp7", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server_\\/enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "10A86601-C514-4704-AB13-4FE761D31F73", "versionEndIncluding": "6.0mp7", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server_\\/enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "4AF64488-A905-4B3C-AAB2-48286D49B98F", "versionEndIncluding": "6.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server_\\/enterprise_server:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "A665E030-ACF2-46F3-8C91-DEC109BEF062", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server_\\/enterprise_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F3C740C-0C65-4E83-B5F0-CB9A6A74E2FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server_\\/enterprise_server:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "F574AF2F-7336-4BA4-946D-C58DD225DA72", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related to \"initial communications setup.\""}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el demonido de red Veritas (tambien conocido como vnetd) en Symantec Veritas NetBackup Server / Enterprise Server v5.x, v6.0 anterior a MP7 SP1, y v6.5 anterior a v6.5.3.1 lo que permite a atacantes remotos ejecutar codigo a su elecciona traves de vectores desconocidos relacionados con el \"ajuste incial de comunicaciones\"."}], "id": "CVE-2009-0651", "lastModified": "2017-08-17T01:29:57.537", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-02-20T18:30:00.500", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/52269"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33953"}, {"source": "cve@mitre.org", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.02.17.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://seer.entsupport.symantec.com/docs/317828.htm"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-253287-1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/33772"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021734"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/0461"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1097"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48795"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}