Symantec Backup Exec 12.5 MiTM Attack

2011.07.11
Credit: Nibin
Risk: Medium
Local: Yes
Remote: Yes
CWE: CWE-20


CVSS Base Score: 6.5/10
Impact Subscore: 10/10
Exploitability Subscore: 2.5/10
Exploit range: Adjacent network
Attack complexity: High
Authentication: Single time
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Exploit Title: Symantec Backup Exec MiTM Attack Date: 27/05/2011 Author: Nibin Software Link: http://www.symantec.com/business/products/family.jsp?familyid=backupexec Version: - Symantec Backup Exec for Windows Servers versions 11.0, 12.0, and 12.5 - Symantec Backup Exec 2010 versions 13.0 and 13.0 R2 Tested on: Tested on Symantec Backup Exec 12.5 for Windows Servers CVE : CVE-2011-0546 BID: 47824 Symantec Disclosure link: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110526_00 iViZ Disclosure link: goo.gl/1vzdE Exploit Code: http://www.exploit-db.com/sploits/SymantecReplay.zip

References:

http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110526_00
http://www.securityfocus.com/bid/47824
http://secunia.com/advisories/44698


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top