QwikSec

Security Database

CVE

CWE

Training

CVE-2006-1298

Published: Mar 19, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691, when the job log mode is Full Detailed (aka Full Details), allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted filename on a machine that is backed up by Backup Exec.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20060320 Symantec Security Advisory, SYM06-005

mailing-list

x_refsource_BUGTRAQ

http://www.symantec.com/avcenter/security/Content/2006.03.17b.html

x_refsource_CONFIRM

http://support.veritas.com/docs/282254

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

backupexec-bengine-format-string(25310)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.