What is the severity of CVE-2006-4902?

CVE-2006-4902 has been classified with a high severity rating due to its potential for remote code execution.

How do I fix CVE-2006-4902?

To fix CVE-2006-4902, upgrade Symantec Veritas NetBackup to version 5.0_MP7, 5.1_MP6, or 6.0_MP4 or later.

Which Symantec products are vulnerable to CVE-2006-4902?

The vulnerable products include Symantec Veritas NetBackup versions 5.0, 5.1, and 6.0 prior to the specified patches.

Can attackers exploit CVE-2006-4902 remotely?

Yes, attackers can exploit CVE-2006-4902 remotely by appending malicious commands to valid commands sent to the NetBackup bpcd daemon.

What type of attack is associated with CVE-2006-4902?

CVE-2006-4902 is associated with command injection attacks that can lead to arbitrary command execution.

Vulnerability/
CVE-2006-4902

critical

CWE

NVD-CWE-Other

14/12/2006

20/7/2017

CVE-2006-4902

First published: Thu Dec 14 2006(Updated: )

The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Symantec NetBackup	=6.0
Symantec NetBackup	=5.0
Symantec Veritas Netbackup Enterprise Server	=5.1
Symantec NetBackup	=5.0
Symantec NetBackup	=5.1
Symantec Veritas Netbackup Enterprise Server	=6.0
Symantec NetBackup	=6.0
Symantec NetBackup	=5.1
Symantec Veritas Netbackup Enterprise Server	=5.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-4902?
CVE-2006-4902 has been classified with a high severity rating due to its potential for remote code execution.
How do I fix CVE-2006-4902?
To fix CVE-2006-4902, upgrade Symantec Veritas NetBackup to version 5.0_MP7, 5.1_MP6, or 6.0_MP4 or later.
Which Symantec products are vulnerable to CVE-2006-4902?
The vulnerable products include Symantec Veritas NetBackup versions 5.0, 5.1, and 6.0 prior to the specified patches.
Can attackers exploit CVE-2006-4902 remotely?
Yes, attackers can exploit CVE-2006-4902 remotely by appending malicious commands to valid commands sent to the NetBackup bpcd daemon.
What type of attack is associated with CVE-2006-4902?
CVE-2006-4902 is associated with command injection attacks that can lead to arbitrary command execution.

agent/severity
agent/weakness
agent/references
agent/author
agent/type
agent/event
agent/description
agent/remedy
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
agent/tags
collector/nvd-historical
vendor/symantec
product/veritas netbackup server
canonical/symantec veritas netbackup server
product/veritas netbackup enterprise server
canonical/symantec veritas netbackup enterprise server
product/veritas netbackup client
canonical/symantec veritas netbackup client
agent/software-canonical-lookup-request
collector/nvd-index
canonical/symantec netbackup
version/symantec netbackup/6.0
version/symantec netbackup/5.0
version/symantec veritas netbackup enterprise server/5.1
version/symantec netbackup/5.1
version/symantec veritas netbackup enterprise server/6.0
version/symantec veritas netbackup enterprise server/5.0

Frequently Asked Questions

What is the severity of CVE-2006-4902?
CVE-2006-4902 has been classified with a high severity rating due to its potential for remote code execution.
How do I fix CVE-2006-4902?
To fix CVE-2006-4902, upgrade Symantec Veritas NetBackup to version 5.0_MP7, 5.1_MP6, or 6.0_MP4 or later.
Which Symantec products are vulnerable to CVE-2006-4902?
The vulnerable products include Symantec Veritas NetBackup versions 5.0, 5.1, and 6.0 prior to the specified patches.
Can attackers exploit CVE-2006-4902 remotely?
Yes, attackers can exploit CVE-2006-4902 remotely by appending malicious commands to valid commands sent to the NetBackup bpcd daemon.
What type of attack is associated with CVE-2006-4902?
CVE-2006-4902 is associated with command injection attacks that can lead to arbitrary command execution.

CVE-2006-4902

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-4902?

How do I fix CVE-2006-4902?

Which Symantec products are vulnerable to CVE-2006-4902?

Can attackers exploit CVE-2006-4902 remotely?

What type of attack is associated with CVE-2006-4902?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2006-4902?

How do I fix CVE-2006-4902?

Which Symantec products are vulnerable to CVE-2006-4902?

Can attackers exploit CVE-2006-4902 remotely?

What type of attack is associated with CVE-2006-4902?