Nessus Generates a Warning Indicating a VERITAS Backup Exec Security Advisory for Windows Servers (2206)
If you are running a VERITAS Backup Exec Agent for Windows servers, Nessus might issue the following warning about unauthorized downloading of arbitrary files:
The remote host is running a version of VERITAS Backup Exec Agent which is configured with a default root account. An attacker might exploit this flaw to retrieve files from the remote host.
The solution to this problem is posted on the VERITAS Web site, at http://seer.support.veritas.com/docs/278434.htm.
- Risk factor: High / CVSS
- Base Score: 9 (AV:R/AC:L/Au:NR/C:C/A:P/I:C/B:N)
- CVE: CVE-2005-2611
- BID: 14551
To work around this problem, apply the hot fixes on the VERITAS Web page provided in the Nessus warning.