CVE-2006-4128 Information

Description

Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds) Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301 10.1.326.1401 10.1.326.2501 10.1.326.3301 and 10.1.327.401) and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691) 10.0 (builds 10.0.5484 and 10.0.5520) and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message.

Reference

http://secunia.com/advisories/21472 http://securityreason.com/securityalert/1380 http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html http://securitytracker.com/id?1016683 http://seer.entsupport.symantec.com/docs/284623.htm http://www.kb.cert.org/vuls/id/647796 http://www.securityfocus.com/archive/1/443037/100/0/threaded http://www.securityfocus.com/bid/19479 http://www.vupen.com/english/advisories/2006/3266 https://exchange.xforce.ibmcloud.com/vulnerabilities/28336