Vulnerability Name:

CVE-2005-2080 (CCN-22227)

Assigned:2005-06-29
Published:2005-06-29
Updated:2008-09-05
Summary:Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2005-2080

Source: CCN
Type: SA15789
VERITAS Backup Exec Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
15789

Source: CONFIRM
Type: Patch, Vendor Advisory
http://seer.support.veritas.com/docs/276608.htm

Source: CCN
Type: VERITAS Document ID: 277429
Patch summary for Security Advisories VX05-001, VX05-002, VX05-003, VX05-005, VX05-006, VX05-007

Source: CONFIRM
Type: Patch
http://seer.support.veritas.com/docs/277429.htm

Source: CCN
Type: OSVDB ID: 22837
VERITAS Backup Exec Server Handle Copy Remote Privilege Escalation

Source: BID
Type: UNKNOWN
14026

Source: CCN
Type: BID-14026
Veritas Backup Exec Remote Agent for Windows Servers Privilege Escalation Vulnerability

Source: CCN
Type: Veritas NetBackup Web page
NetBackup™ Server

Source: XF
Type: UNKNOWN
backup-exec-handle-gain-privileges(22227)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec_veritas:backup_exec:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4019:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4170:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4172:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4174:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4202:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.306:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.307:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1067.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1067.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1127.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1151.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1152:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1152.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1154:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:10.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:veritas_backup_exec:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.307:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.306:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1154:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1152.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1152:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1151.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1127.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1067.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.1.1067.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4202:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4174:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4172:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4170:*:*:*:*:*:*:*
  • OR cpe:/a:symantec_veritas:backup_exec:9.0.4019:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec_veritas backup exec 9.0
    symantec_veritas backup exec 9.0.4019
    symantec_veritas backup exec 9.0.4170
    symantec_veritas backup exec 9.0.4172
    symantec_veritas backup exec 9.0.4174
    symantec_veritas backup exec 9.0.4202
    symantec_veritas backup exec 9.1
    symantec_veritas backup exec 9.1.306
    symantec_veritas backup exec 9.1.307
    symantec_veritas backup exec 9.1.1067.2
    symantec_veritas backup exec 9.1.1067.3
    symantec_veritas backup exec 9.1.1127.1
    symantec_veritas backup exec 9.1.1151.1
    symantec_veritas backup exec 9.1.1152
    symantec_veritas backup exec 9.1.1152.4
    symantec_veritas backup exec 9.1.1154
    symantec_veritas backup exec 10.0
    symantec veritas backup exec 10.0
    symantec_veritas backup exec 9.1
    symantec_veritas backup exec 9.0
    symantec_veritas backup exec 9.1.307
    symantec_veritas backup exec 9.1.306
    symantec_veritas backup exec 9.1.1154
    symantec_veritas backup exec 9.1.1152.4
    symantec_veritas backup exec 9.1.1152
    symantec_veritas backup exec 9.1.1151.1
    symantec_veritas backup exec 9.1.1127.1
    symantec_veritas backup exec 9.1.1067.3
    symantec_veritas backup exec 9.1.1067.2
    symantec_veritas backup exec 9.0.4202
    symantec_veritas backup exec 9.0.4174
    symantec_veritas backup exec 9.0.4172
    symantec_veritas backup exec 9.0.4170
    symantec_veritas backup exec 9.0.4019