Symantec backup exec agent for db2 on windows servers. As a fact, the backup exec software will let me install the remote agent onto as many servers as i want there is never any license dialog to put the remote agent license into. Symantec backup exec remote agent for windows should i. The vulnerability is caused due to a static password used by a remote backup agent during the authentication procedure. This metasploit module exploits a stack overflow in the veritas backupexec windows agent software. Veritas backup exec remote agent static password arbitrary. Veritas backup exec windows remote file access rapid7. An attacker may exploit this flaw to retrieve files from the remote host. Veritas backup exec contains an issue that allows a remote attacker to download arbitrary files from the affected system. Veritas backup exec agent arbitrary file download attack. Yes, start with uninstalling and then reinstalling the agent but after uninstalling the agent make sure you are fully patched by running live updates and then push them out to your remote servers. An attacker may exploit this flaw to retrieve files from the remote.
The backup exec remote media agent for linux servers provides storage flexibility for linux servers running in a backup exec environment. Lastly, if you look the raws update options from the console, the first few options do not reboot the remote server conversely meaning the reboot is. Act as part of the operating system windows 2000 only backup files and directories. On the symantec backup exec database panel, do one of the following to select a location to store the backup exec database. Veritas backup exec and netbackup are affected by a remote access vulnerability allowing unauthorized access and downloading of arbitrary files. Veritas backup exec remote agent for windows useafterfree posted may 27, 2017 authored by matthew daley.
A restart of the remote agent service on these remote machines should be just fine. A remote user can exploit a buffer overflow in veritas software backup exec remote agent in the processing of certain authentication requests to execute arbitrary code on the target system. Maintenance and support is available on all veritas software and appliance products. Im attempting to install an agent on a windows 2003 r2 server recently upgraded from windows 2000 and the job fails with the following message. Its running now where it wouldnt before, so i am doing better already. An attacker may leverage the vulnerability to authenticate with a vulnerable backup agent, then download arbitrary files from the target host. Description veritas backup exec remote agent, a remote data protection agent, is installed on the remote windows host. Bist du interessiert an einem neuen job in itsicherheit.
Symantec backup exec remote agent for linux or unix servers. It can be changed if required by clicking on the change button. Please view the documentaiton below under the section titled remoteagent for windows servers. Im sorry to say that sean donnelly was absolutely correct in his previous posting backup exec 12. An attacker with knowledge of this password and access to the remote agent may be able to retrieve. Veritas backup exec remote agent for unix or linux servers veritas backup.
A vulnerability was reported in veritas backup exec. From a cmd prompt on the windows 2008 server, locate that agents directory and find the appropriate windows directory and run the setupaa. If you check the services list on the media server you will see that the remote agent is present and should be running note. Upon being installed, the software adds a windows service which. Backup exec 20 agents and options articles and howtos. A maintenancesupport contract is an agreement between you and veritas for a period of time typically 12 months, that will provide your organization with access to technical support analysts who will help. This module abuses a logic flaw in the backup exec windows agent to download arbitrary files from the system. Again, the license number is plugged into the backup exec servers license dialog on the original be setup and not during the actual remote agent software installation. Symantec backup exec remote agent for windows is a software program developed by symantec.
How to get windows backup exec 12 remote agent onto a. The remote agent for 64bit systems differs somewhat from the remote agent for 32bit systems. Symantec enterprise security broadcom support portal. Unless, due to various reasons such as thirdparty component updates, locked processes, a reboot is required. The veritas backup exec advanced open file option handles open files at the volume level and is seamlessly integrated into backup exec software. Page 11 backup exec system services can use, and then click next. It is recommended that you select use symantec device drivers for all tape. Synopsis a remote data protection agent is installed on the remote windows host. Veritas backup exec netbackup static password vulnerability. Veritas backup exec remote agent static password arbitrary file download. For ca mainframe or enterprise support, please call support for immediate assistance. Hi all, im in a bit of a pickle and really need a copy of backup exec 9. This flaw was found by someone who wishes to remain anonymous and affects all known versions of the backup exec windows agent.
Veritas backup exec for windows servers, veritas backup. Veritas backup exec remote agent static password arbitrary file download cve20052611 the description reads. This all worked fine including the s2003 backups until last week when i did the fp2 update to backup exec 16 and deployed the new agents. There is no need to know which files are open ahead of time. Also, verify that your services are running as the following. It administrators can directly attach tape and disk storage devices to a remote linux server, allowing backup data to. Install the remote agent from the backup exec installation media by taking the media to the computer and running the backup exec installation program.
All versions before backup exec 16 fp1, backup exec 15 14. The 64bit version is available only for backup exec 9. Veritas backup exec unauthorized file download vulnerability. Veritas backup exec uses hardcoded authentication credentials.
Ensure that files on local or remote servers are protected even while in use. Cant install agent on windows server 2003r2 veritas. Veritas backup exec remote agent discloses arbitrary files. Exe where x is directory that backup exec is installed to.
Backup exec agent for windows install fails vox veritas. Veritas backup exec windows remote agent overflow metasploit. The vulnerability is due to insufficient validation of usersupplied input processed by the affected software. Veritas backup exec is a data protection software product that supports virtual, physical and cloud platforms. From the be installation dvd, copy the vcdist directory to c. Sold by veritas technologies llc, backup exec is compatible with most storage devices, including disk, tape and cloud. Select a destination folder to install backup exec. After fp2 was installed but prior to the agents being deployed all backups worked apparently fine but after deploying the new agents the server 2012 vms backup were ok but not those running s2003. About installing the remote agent for windows systems. Exploiting veritas backup exec remote agent static. Remote agent veritas backup exec 64bit remote agent the remote agent for windows servers remote agent is now available for 64bit systems. Symantec backup exec agent for sap applications this section includes the following topics.
See installing additional backup exec options to the local media server. Veritas backup exec agent useafter free vulnerability. Symantec backup exec agent for sap applications symantec. Backup exec 16 fp2 agents and sorry but server 2003 machines. Solution add and grant the backup operator group to c. Additional information is available to describe the veritas backup exec unauthorized file download vulnerability. Table11 minimumsystemrequirementscontinued item requirements youcanusestoragemediadrives,roboticlibraries,removablestorage devices,andnonremovableharddrives. A remote user can download arbitrary files from the target system. Multiple unspecified vulnerabilities in the backup exec remote agent logon process in symantec backup exec for windows servers 11. An encrypted but static password is transferred during the authentication process between the agent and the server that, when properly manipulated can be leveraged to gain remote access to the application and download arbitrary files from and to the backup server. This vulnerability occurs when a client authentication request is received with type 3 and a long password argument. The veritas backup exec remote agent uses a hardcoded, encrypted root password. The software uses a hardcoded, default authentication password. Sa16403 veritas backup exec arbitrary file download.
Veritas backup exec remote agent is a data backup and recovery solution with support for overthenetwork backup. Veritas backup exec remote agent for windows useafter. Veritas backup exec windows remote agent overflow posted oct 30, 2009 authored by h d moore site. A vulnerability in veritas backup exec agent could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service dos condition. Solved backup exec remote agent is not working correctly. Data protection pioneer veritas has become a market leader with a strong focus on cloudbased data protection and data management.