CVE-2005-3116: Buffer Overflow
First published: Fri Nov 18 2005(Updated: )
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Veritas NetBackup | =5.0_with_mp1 | |
| Symantec Veritas NetBackup | =5.0_with_mp2 | |
| Symantec Veritas NetBackup | =5.0_with_mp3 | |
| Symantec Veritas NetBackup | =5.0_with_mp4 | |
| Symantec Veritas NetBackup | =5.0_with_mp5 | |
| Symantec Veritas NetBackup | =5.1_with_mp1 | |
| Symantec Veritas NetBackup | =5.1_with_mp2 | |
| Symantec Veritas NetBackup | =5.1_with_mp3a | |
| Symantec Veritas NetBackup | =5.1_without_mp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seer.support.veritas.com/docs/279553.htm
- http://www.idefense.com/application/poi/display?id=336&type=vulnerabilities
- http://www.kb.cert.org/vuls/id/574662
- http://securitytracker.com/id?1015170
- http://secunia.com/advisories/17503
- http://securityresponse.symantec.com/avcenter/security/Content/2005.11.08b.html
- http://www.securityfocus.com/bid/15353
- http://www.osvdb.org/20674
- http://www.securityfocus.com/archive/1/422066/100/0/threaded
- http://www.securityfocus.com/archive/1/422157/100/0/threaded
- http://www.vupen.com/english/advisories/2005/2349
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22985
Frequently Asked Questions
What is the severity of CVE-2005-3116?
CVE-2005-3116 is classified as a critical severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2005-3116?
To remediate CVE-2005-3116, upgrade to an unaffected version of Symantec NetBackup beyond 5.1 with MP3A.
What products are affected by CVE-2005-3116?
CVE-2005-3116 affects Symantec NetBackup versions 5.0 MP1 to MP5 and 5.1 up to MP3A.
Who can exploit CVE-2005-3116?
CVE-2005-3116 can be exploited by remote attackers who send specially crafted packets to the Volume Manager daemon.
What types of attacks does CVE-2005-3116 enable?
CVE-2005-3116 allows attackers to execute arbitrary code on vulnerable systems, leading to potential full system compromise.
- agent/type
- agent/references
- agent/remedy
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/symantec veritas
- canonical/symantec veritas netbackup
- version/symantec veritas netbackup/5.0_with_mp1
- version/symantec veritas netbackup/5.0_with_mp2
- version/symantec veritas netbackup/5.0_with_mp3
- version/symantec veritas netbackup/5.0_with_mp4
- version/symantec veritas netbackup/5.0_with_mp5
- version/symantec veritas netbackup/5.1_with_mp1
- version/symantec veritas netbackup/5.1_with_mp2
- version/symantec veritas netbackup/5.1_with_mp3a
- version/symantec veritas netbackup/5.1_without_mp