vendor:
Backup Exec Windows Agent
by:
anonymous
6.4
CVSS
MEDIUM
Logic Flaw
N/A
CWE
Product Name: Backup Exec Windows Agent
Affected Version From: All known versions
Affected Version To: All known versions
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2005
Veritas Backup Exec Windows Remote File Access
This module abuses a logic flaw in the Backup Exec Windows Agent to download arbitrary files from the system. This flaw was found by someone who wishes to remain anonymous and affects all known versions of the Backup Exec Windows Agent. The output file is in 'MTF' format, which can be extracted by the 'NTKBUp' program listed in the references section.
Mitigation:
Update to the latest version of Backup Exec Windows Agent.
