Backup software sees exploit, patches

EMC has issued patches for security flaws in its backup software, while exploit code has appeared targeting backup software from Veritas Software.

EMC has issued patches for security problems with its data backup software, while exploit code has been released targeting a flaw in backup software from Veritas Software that the company patched last year.

EMC has issued patches for three versions of its Networker backup software to fix problems that could lead to a system crash or unauthorized remote access. EMC issued a hotfix for Networker 7.2.1, while the 7.1.4 and 7.3 versions of the software have already incorporated the necessary changes, according to a company posting.

No security incidents had been reported, EMC said.

However, exploit code has been released targeting a vulnerability in Veritas' Netbackup product. The French Security Incident Response Team, a computer security watchdog, posted the code Monday on its Web site. The flaw was first discovered in November, however, by iDefense and a patch was subsequently issued by Symantec, which owns Veritas.

Symantec said a buffer overflow capability exists in a shared library used by the Netbackup volume manager daemon, affecting 5.x versions of servers and clients. If successful, an exploit could allow a hacker to deny service or execute arbitrary code.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about EMC CorporationiDefenseSymantecVeritasVeritasVeritas Software

Show Comments