News & Media
Become a member »
AusCERT Web Log
» AusCERT2008 and an alleged vulnerability in Symantec...
AusCERT2008 and an alleged vulnerability in Symantec Veritas Backup Exec for Windows Servers
05 October 2007
Click here for printable version
AusCERT 2008 confrence call for papers
This week, AusCERT announced the call for papers for AusCERT2008. We would
really like to see our membership better represented on the AusCERT2008
program, so we encourage all our members to submit a presentation or tutorial
Or alternatively, we'd like to hear from our membership for ideas on
interesting presenters who you think may make a good addition to the program.
Symantec Veritas Backup Exec vulnerability??
There has been an alleged vulnerability in Symantec Veritas Backup Exec for
Windows Servers 11d put up on the WabiSabiLabi vulnerability auction site:
At this point it would be easy to launch into a rant about this site that is
"to bring the world closer to zero risk". But I'll leave that for another blog
So, there may be unpatched vulnerability in Symantec Veritas Backup Exec that
is to be soon sold and potentially used publicly. So, as with any backup
product, access to server ports used for backup should be restricted to the
backup client, and vice versa for client ports. All backup service ports should
not be accessible from outside your organisation.
Rob and Richard
Comments? Click here