iDefense Security Advisory 07.11.07: Symantec Backup Exec RPC Remote Heap Overflow Vulnerability

Reportedly, an unauthenticated attacker can cause a DoS or execute arbitrary code in Backup Exec. It is said to be a vulnerability in the RPC server.

II. DESCRIPTION

Remote exploitation of a heap overflow vulnerability in Symantec Backup
Exec could allow an unauthenticated attacker to create a denial of
service condition or potentially execute arbitrary code.

The flaw specifically exists within the RPC server that listens on TCP
port 6106. When handling requests using the "ncacn_ip_tcp" protocol,
the service will copy a user supplied amount of data into a fixed-size
heap buffer.
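
The flaw class described above, a sender-supplied length driving a copy into a fixed-size heap buffer, shown beside a bounds-checked version. This is an added illustration, not Symantec's code: the wire format (4-byte little-endian length followed by payload), the 256-byte buffer size and all function names are assumptions made up for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REQ_BUF_SIZE 256u  /* fixed-size heap buffer; the size is an assumption */
enum { REQ_OK = 0, REQ_TRUNCATED = -1, REQ_TOO_LARGE = -2, REQ_NOMEM = -3 };

/* Constructed wire format: 4-byte little-endian length, then payload. */
static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern: the length field alone decides how much is copied. */
int handle_request_unchecked(const uint8_t *msg, size_t msg_len, uint8_t **out) {
    if (msg_len < 4) return REQ_TRUNCATED;
    uint8_t *buf = malloc(REQ_BUF_SIZE);
    if (!buf) return REQ_NOMEM;
    memcpy(buf, msg + 4, read_le32(msg));  /* can write past REQ_BUF_SIZE */
    *out = buf;
    return REQ_OK;
}

/* Hardened: the length must fit both the bytes received and the buffer. */
int handle_request_checked(const uint8_t *msg, size_t msg_len,
                           uint8_t **out, size_t *out_len) {
    if (msg_len < 4) return REQ_TRUNCATED;
    uint32_t claimed = read_le32(msg);
    if (claimed > msg_len - 4) return REQ_TRUNCATED;   /* more than was sent */
    if (claimed > REQ_BUF_SIZE) return REQ_TOO_LARGE;  /* would overflow buf */
    uint8_t *buf = malloc(REQ_BUF_SIZE);
    if (!buf) return REQ_NOMEM;
    memcpy(buf, msg + 4, claimed);
    *out = buf;
    *out_len = claimed;
    return REQ_OK;
}

int main(void) {
    /* Constructed message: claims 300 bytes, but the buffer holds 256. */
    uint8_t msg[4 + 300] = {0x2c, 0x01, 0, 0};
    uint8_t *out = NULL; size_t n = 0;
    int rc = handle_request_checked(msg, sizeof msg, &out, &n);
    printf("checked handler returned %d\n", rc);
    return rc == REQ_TOO_LARGE ? 0 : 1;
}
```

Both checks are needed: comparing only against the bytes received still lets a large, fully delivered payload overrun the buffer, and comparing only against the buffer size lets a short message cause an out-of-bounds read.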