Vulnerability Details : CVE-2005-0773
Public exploit exists!
Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2005-0773
Probability of exploitation activity in the next 30 days: 96.55%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2005-0773
-
Veritas Backup Exec Windows Remote Agent Overflow
Disclosure Date: 2005-06-22First seen: 2020-04-26exploit/windows/backupexec/remote_agentThis module exploits a stack buffer overflow in the Veritas BackupExec Windows Agent software. This vulnerability occurs when a client authentication request is received with type '3' and a long password argument. Reliable execution is obtained by abusing t
CVSS scores for CVE-2005-0773
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-0773
-
http://www.kb.cert.org/vuls/id/492105
Patch;Third Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/14022
Veritas Backup Exec Remote Agent for Windows Servers Authentication Buffer Overflow VulnerabilityExploit;Patch
- http://securitytracker.com/id?1014273
-
http://www.us-cert.gov/cas/techalerts/TA05-180A.html
Patch;Third Party Advisory;US Government Resource
-
http://seer.support.veritas.com/docs/276604.htm
Patch;Vendor Advisory
- http://seer.support.veritas.com/docs/277429.htm
-
http://www.idefense.com/application/poi/display?id=272&type=vulnerabilities&flashstatus=true
Vendor Advisory
Products affected by CVE-2005-0773
- cpe:2.3:a:symantec_veritas:backup_exec:10.0_rev.5484:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0_rev.4367:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0_rev.4454:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1_rev.4691:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0.4174:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1067.3:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1151.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1_rev.4691_sp2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.0_rev.5484_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0.4019:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0.4170:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1152.4:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1154:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.306:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.307:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0_rev.4367_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0_rev.4454_sp1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1067.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0.4172:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.0.4202:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1127.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1.1152:*:*:*:*:*:*:*