November 2005

ID: 01003
Ref: 941/05
Date: 09 November 2005:15:26:37
Version: 1

---

Title: Symantec - Two Technical Advisories
Abstract: 1. VERITAS Cluster Server for UNIX: Local Access Buffer Overflow [SYM05-023], 2. Buffer overflow vulnerability in VERITAS NetBackup [SYM05-024]
Vendors affected: Symantec
Operating systems affected: Symantec
Applications affected: Symantec

---

Title
=====

Symantec - Two Technical Advisories:
1. VERITAS Cluster Server for UNIX: Local Access Buffer Overflow [SYM05-023]
2. Buffer overflow vulnerability in VERITAS NetBackup [SYM05-024]


Detail
======

Symantec technical advisories can be found at the following URLs:

1. Versions of VERITAS Cluster Server are susceptible to a buffer overflow
vulnerability that could allow a local user to create a denial of service
situation or potentially gain elevated privileges on a targeted server.
http://seer.support.veritas.com/docs/279870.htm


2. A buffer overflow vulnerability exists in a shared library used by the
VERITAS NetBackup volume manager daemon (vmd) running on VERITAS NetBackup
5.x servers and clients. Successful exploitation of this overflow
condition could possibly allow a malicious attacker to create a denial of
service disrupting backup systems or potentially allow execution of
arbitrary code with elevated privileges on a targeted system.
http://seer.support.veritas.com/docs/279553.htm