Update Protection against Symantec Backup Exec ActiveX Control Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-057 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA27885 | |
| Industry Reference(s): | CVE-2007-6016 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Symantec Backup Exec for Windows Server (BEWS) 11d Build 11.0.6235 Symantec Backup Exec for Windows Server (BEWS) 11d Build 11.0.7170 Symantec Backup Exec for Windows Server (BEWS) 12.0 Build 12.0.1364 | ||
| Vulnerability Description A buffer overflow vulnerability has been reported in the Symantec Backup Exec for Windows Servers. Symantec Backup Exec is a data backup and recovery system for Windows. By convincing a user to visit a specially crafted Web page, a remote attacker may trigger this vulnerability to execute arbitrary code on an affected system. |
||
|
Update/Patch Available Apply Hotfix: Symantec |
|
|
Vulnerability Details The vulnerability is due to a boundary error in the Symantec Backup Exec ActiveX control of the Scheduler component. To trigger this issue, an attacker may create a malicious web page that will exploit this vulnerability. Successful exploitation may allow execution of arbitrary code on a vulnerable system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block the vulnerable ActiveX Control. Depending on the traffic mix, activating this protection may result in performance degradation.
In order for the protection to be activated, update your VPN-1/InterSpect product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.