CVE-2006-4902 - OpenCVE

The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Symantec	Veritas Netbackup Client Veritas Netbackup Server Veritas Netbackup Enterprise Server

Configuration 1 [-]

OR	cpe:2.3:a:symantec:veritas_netbackup_client:5.0:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_client:5.1:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_client:6.0:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_enterprise_server:5.0:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_enterprise_server:5.1:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_enterprise_server:6.0:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_server:5.0:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_server:5.1:::::::*
	cpe:2.3:a:symantec:veritas_netbackup_server:6.0:::::::*

References

Link	Resource
http://secunia.com/advisories/23368	Patch Vendor Advisory
http://securitytracker.com/id?1017379	Patch
http://www.iss.net/threats/247.html
http://www.kb.cert.org/vuls/id/252936	Patch US Government Resource
http://www.securityfocus.com/bid/21565	Patch
http://www.symantec.com/avcenter/security/Content/2006.12.13a.html	Patch
http://www.vupen.com/english/advisories/2006/4999
https://exchange.xforce.ibmcloud.com/vulnerabilities/27638

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-12-14T20:00:00

Updated: 2017-07-19T15:57:01

Reserved: 2006-09-20T00:00:00

Link: CVE-2006-4902

JSON object: View

NVD Information

Status : Modified

Published: 2006-12-14T20:28:00.000

Modified: 2017-07-20T01:33:23.057

Link: CVE-2006-4902

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23368", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23368"}, {"name": "backup-invalid-input(27638)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27638"}, {"name": "1017379", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017379"}, {"name": "VU#252936", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/252936"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/avcenter/security/Content/2006.12.13a.html"}, {"name": "20061213 Symantec Veritas Netbackup 5.0/5.1 and 6.0 Logic Vulnerability", "tags": ["third-party-advisory", "x_refsource_ISS"], "url": "http://www.iss.net/threats/247.html"}, {"name": "21565", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21565"}, {"name": "ADV-2006-4999", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4999"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4902", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23368", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23368"}, {"name": "backup-invalid-input(27638)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27638"}, {"name": "1017379", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017379"}, {"name": "VU#252936", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/252936"}, {"name": "http://www.symantec.com/avcenter/security/Content/2006.12.13a.html", "refsource": "CONFIRM", "url": "http://www.symantec.com/avcenter/security/Content/2006.12.13a.html"}, {"name": "20061213 Symantec Veritas Netbackup 5.0/5.1 and 6.0 Logic Vulnerability", "refsource": "ISS", "url": "http://www.iss.net/threats/247.html"}, {"name": "21565", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21565"}, {"name": "ADV-2006-4999", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4999"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4902", "datePublished": "2006-12-14T20:00:00", "dateReserved": "2006-09-20T00:00:00", "dateUpdated": "2017-07-19T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:veritas_netbackup_client:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "822B77A6-7088-4378-BF42-72F60BD4FC47", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_client:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C554372-6911-4844-A2CB-81CD714002B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_client:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "14022872-214B-4185-A126-5934C9EFFC88", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_enterprise_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A04B4CF7-ACE9-4F29-A699-2904C9712D4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_enterprise_server:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "8143B064-3F50-4997-AEBC-712D19D5E69F", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_enterprise_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "01437FD2-2B60-4B64-AAA9-49D1268528A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C4A6955A-F85B-40A8-99E1-74832CAA6B95", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4D72BED3-6F51-45FE-8A9F-3287576D71BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:veritas_netbackup_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4140FD3E-A7D9-4C66-9F5C-73ADE358ED83", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands."}, {"lang": "es", "value": "El demonio NetBackup bpcd (bpcd.exe) en Symantec Veritas NetBackup 5.0 versiones anteriores a 5.0_MP7, 5.1 versiones anteriores a 5.1_MP6, y 6.0 versiones anteriores a 6.0_MP4, no comprueba apropiadamente comandos encadenados, que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a\u00f1adiendo comandos maliciosos en comandos validos."}], "id": "CVE-2006-4902", "lastModified": "2017-07-20T01:33:23.057", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-14T20:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/23368"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1017379"}, {"source": "cve@mitre.org", "url": "http://www.iss.net/threats/247.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/252936"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/21565"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.symantec.com/avcenter/security/Content/2006.12.13a.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4999"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27638"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}