Critical Veritas attacks

By Derek Sooman on
A hole in Symantec's Veritas Backup Exec Agent for Windows is being exploited by attackers. The flaw refers to the product's Network Data Management Protocol agent, which could allow an attacker to gain access to the system and download files. Symantec, which acquired Veritas in July of this year, recommends that users block access to the TCP port that uses the service, port 10,000. The flaw affects versions 8.x, 9.0, 9.1, and 10.0 of Backup Exec for Windows Servers. Already, the Metasploit penetration testing toolkit has been updated to test for this vulnerability. The SANS Internet Storm Center has reported a massive surge in port scanning on port 10,000 so this could be a serious issue if action is not taken.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.