iDefense Security Advisory 07.11.07: Symantec Backup Exec RPC Remote Heap Overflow Vulnerability

Backup Execにおいて、認証されていない攻撃者がDoSしたり任意のコードを実行することができるそうです。RPCサーバーの脆弱性だそうです。


Remote exploitation of a heap overflow vulnerability in Symantec Backup
Exec could allow an unauthenticated attacker to create a denial of
service condition or potentially execute arbitrary code.

The flaw specifically exists within the RPC server that listens on TCP
port 6106. When handling requests using the "ncacn_ip_tcp" protocol,
the service will copy a user supplied amount of data into a fixed-size
heap buffer.