Attackers are reported to be exploiting an unpatched vulnerability in Symantec's Veritas Backup Exec Agent for Windows software, according to an alert published Friday by Symantec.
A flaw in the product's Network Data Management Protocol agent could allow an attacker to gain access to the system and download files, the Fr-SIRT (French Security Incident Response Team) said in a statement Friday. Fr-SIRT rates the vulnerability as "critical."
Symantec, which acquired Veritas in July of this year, says it is "not aware of any vendor-supplied patches for this issue," according to its alert. The company recommends that users block access to the TCP (Transmission Control Protocol) port that uses the service in question, port 10000.
The Metasploit penetration testing toolkit already takes advantage of this vulnerability, and there are reports that exploits for the flaw are already being used by attackers, Symantec said.
The SANS Internet Storm Center said on its Web site on Friday that it has seen a jump in scans for port 10000, and it advises Backup Exec users to block access to that port from all untrusted network.
The flaw affects versions 8.x, 9.0, 9.1, and 10.0 of Backup Exec for Windows Servers, Fr-SIRT said.
Sign up to receive Security Resource Alerts
A comprehensive security management solution can help you streamline, as well as grow, your current or evolving business. In this way, a strategic security approach can help you increase your competitiveness in these challenging market conditions.
Download now! »
Find out how you can effectively collect, normalize and archive enterprise-wide, security-related data that is invaluable for security investigation and compliance reporting.
Download now! »
This session focuses on the intersection of role management and identity compliance, and addresses the importance of identity compliance in enterprise governance and the challenges that organizations may face in achieving it.
View now! »
Recommend This
