{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Backup Exec 9.1.1152 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Backup Exec 9.1.1152.4 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Backup Exec 9.0.4202 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.0.4174 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.1154 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.1127.1 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 10.0 for Windows Servers rev. 5484 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.0.4170 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 10.0 for Windows Servers rev. 5520 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.0 for Windows Servers rev. 4454 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.0 for Windows Servers rev. 4367 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.306 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.1067.3 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.0.4019 for NetWare Servers.","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.307 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.1151.1 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1.1067.2 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.1 for Windows Servers rev. 4691 ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Backup Exec 9.0.4172 for NetWare Servers ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nVeritas Backup Exec est un logiciel de sauvegarde.\n\nPlusieurs vuln\u00e9rabilit\u00e9s affectent ce produit :\n\n-   deux vuln\u00e9rabilit\u00e9s de type d\u00e9bordement de m\u00e9moire dans Veritas\n    Backup Exec Remote Agent permettent \u00e0 un utilisateur mal intentionn\u00e9\n    de r\u00e9aliser un d\u00e9ni de service par arr\u00eat brutal du serveur ;\n-   une vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire dans Veritas Backup\n    Exec Remote Agent for Windows Servers (RAWS) permet l'ex\u00e9cution de\n    code arbitraire \u00e0 distance sur le serveur ;\n-   une vuln\u00e9rabilit\u00e9 dans la validation des acc\u00e8s distants permet\n    l'obtention des privil\u00e8ges de l'administrateur sur le registre du\n    serveur ;\n-   une vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire dans Backup Exec\n    Web Administration Console (BEWAC) permet l'ex\u00e9cution de code\n    arbitraire \u00e0 distance sur le serveur ;\n-   une vuln\u00e9rabilit\u00e9 dans Admin Plus Pack Option permet \u00e0 un\n    utilisateur non autoris\u00e9 d'obtenir un acc\u00e8s sur le serveur ;\n-   une vuln\u00e9rabilit\u00e9 dans Veritas Backup Exec Remote Agent permet \u00e0 un\n    utilisateur d'\u00e9lever ses privil\u00e8ges.\n\n## Solution\n\nAppliquer les correctifs indiqu\u00e9s dans le document 277429 de Veritas :\n\n    http://seer.support.veritas.com/docs/277429.htm\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Veritas VX05-006 du 22 juin 2005 :","url":"http://seer.support.veritas.com/docs/276607.htm"},{"title":"Bulletin de s\u00e9curit\u00e9 Veritas VX05-007 du 22 juin 2005 :","url":"http://seer.support.veritas.com/docs/276608.htm"},{"title":"Bulletin de s\u00e9curit\u00e9 Veritas VX05-002 du 22 juin 2005 :","url":"http://seer.support.veritas.com/docs/276604.htm"},{"title":"Bulletin de s\u00e9curit\u00e9 Veritas VX05-005 du 22 juin 2005 :","url":"http://seer.support.veritas.com/docs/276606.htm"},{"title":"Bulletin de s\u00e9curit\u00e9 Veritas VX05-001 du 22 juin 2005 :","url":"http://seer.support.veritas.com/docs/276533.htm"},{"title":"Bulletin de s\u00e9curit\u00e9 Veritas VX05-003 du 22 juin 2005 :","url":"http://seer.support.veritas.com/docs/276605.htm"}],"reference":"CERTA-2005-AVI-229","revisions":[{"description":"version initiale.","revision_date":"2005-06-23T00:00:00.000000"}],"risks":[{"description":"Acc\u00e8s non autoris\u00e9 au syst\u00e8me avec les privil\u00e8ges de l'administrateur"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s affectant Veritas Backup Exec permettent\nl'ex\u00e9cution de code arbitraire \u00e0 distance ou l'obtention d'un acc\u00e8s avec\nles privil\u00e8ges de l'administrateur.\n","title":"Multiples vuln\u00e9rabilit\u00e9s de Veritas Backup Exec","vendor_advisories":[{"published_at":null,"title":"VX05-005, VX05-006 et VX05-007 du 22 juin 2005","url":null},{"published_at":null,"title":"Bulletins de s\u00e9curit\u00e9 Veritas VX05-001, VX05-002, VX05-003,","url":null}]}