
VERITAS Backup Exec for Windows Servers, VERITAS Backup Exec for NetWare Servers, and NetBackup for NetWare Media Server Option Remote Agent Authentication Vulnerability (SYM05-011).US-CERT Vulnerability Note VU#378957.Please refer to VERITAS documentation on how to change the default listening port.įor more information, please see US-CERT Vulnerability Note VU#378957. Consider blocking access at network perimeters and using host-based firewalls to limit access to authorized servers.Ĭhanging the default port from 10000/tcp may reduce the chances of exploitation, particularly by automated attacks. The default port for these services is 10000/tcp. Use firewalls to limit connectivity so that only authorized backup servers can connect to Remote Agents or other listening components. Symantec has provided updates for this vulnerability in SYM05-011.Ĭonsider the following actions to mitigate risks associated with this and other vulnerabilities that require access to port 10000/tcp: Please note that VERITAS has recently merged with Symantec.Ī remote attacker with knowledge of the hard-coded credentials and access to a Remote Agent or other affected component may be able to retrieve arbitrary files from a vulnerable system.

US-CERT is tracking this vulnerability as VU#378957. This increase may be caused by attempts to locate vulnerable systems. US-CERT has monitored reports of increased scanning activity on port 10000/tcp. For example, Remote Agents for Windows run with SYSTEM privileges.Įxploit code containing the hard-coded credentials is publicly available. Most of these components run with elevated privileges. An attacker with knowledge of these credentials and access to an affected component may be able to retrieve arbitrary files from a vulnerable system. VERITAS components including Backup Exec, NetBackup, and Remote Agents use hard-coded administrative authentication credentials.

Other components that do not support NDMP may also listen on 10000/tcp. NDMP ".is an open standard protocol for enterprise-wide backup of heterogeneous network-attached storage." By default, Remote Agents listen for NDMP traffic on port 10000/tcp. Components of Backup Exec and NetBackup, including Backup Exec Remote Agents, support the Network Data Management Protocol (NDMP). VERITAS Backup Exec and NetBackup are network backup and recovery products that support a variety of operating systems.
