CVEdetails.com the ultimate security vulnerability data source

Vulnerability Details : CVE-2009-3027

VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and 12.5; Veritas NetBackup Operations Manager (NOM) 6.0 GA through 6.5.5; Veritas Backup Reporter (VBR) 6.0 GA through 6.6; Veritas Storage Foundation (SF) 3.5; Veritas Storage Foundation for Windows High Availability (SFWHA) 4.3MP2, 5.0, 5.0RP1a, 5.0RP2, 5.1, and 5.1AP1; Veritas Storage Foundation for High Availability (SFHA) 3.5; Veritas Storage Foundation for Oracle (SFO) 4.1, 5.0, and 5.0.1; Veritas Storage Foundation for DB2 4.1 and 5.0; Veritas Storage Foundation for Sybase 4.1 and 5.0; Veritas Storage Foundation for Oracle Real Application Cluster (SFRAC) 3.5, 4.0, 4.1, and 5.0; Veritas Storage Foundation Manager (SFM) 1.0, 1.0 MP1, 1.1, 1.1.1Ux, 1.1.1Win, and 2.0; Veritas Cluster Server (VCS) 3.5, 4.0, 4.1, and 5.0; Veritas Cluster Server One (VCSOne) 2.0, 2.0.1, and 2.0.2; Veritas Application Director (VAD) 1.1 and 1.1 Platform Expansion; Veritas Cluster Server Management Console (VCSMC) 5.1, 5.5, and 5.5.1; Veritas Storage Foundation Cluster File System (SFCFS) 3.5, 4.0, 4.1, and 5.0; Veritas Storage Foundation Cluster File System for Oracle RAC (SFCFS RAC) 5.0; Veritas Command Central Storage (CCS) 4.x, 5.0, and 5.1; Veritas Command Central Enterprise Reporter (CC-ER) 5.0 GA, 5.0 MP1, 5.0 MP1RP1, and 5.1; Veritas Command Central Storage Change Manager (CC-SCM) 5.0 and 5.1; and Veritas MicroMeasure 5.0 does not properly validate authentication requests, which allows remote attackers to trigger the unpacking of a WAR archive, and execute arbitrary code in the contained files, via crafted data to TCP port 14300.
Publish Date : 2009-12-11
Last Update Date : 2013-02-06

- CVSS Scores & Vulnerability Types

CVSS Score 10.0
Confidentiality Impact Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Execute Code
CWE ID 287

- Related OVAL Definitions

Title Definition Id Class Family
HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase of Privilege oval:org.mitre.oval:def:7986 unix
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2009-3027

# Product Type Vendor Product Version Update Edition Language
1 Application Symantec Backup Exec Continuous Protection Server 12.0
2 Application Symantec Backup Exec Continuous Protection Server 12.5
3 Application Symantec Backup Exec Continuous Protection Server 11D
4 Application Symantec Veritas Application Director 1.1
5 Application Symantec Veritas Application Director 1.1 Platform Expansion
6 Application Symantec Veritas Backup Exec 12.0
7 Application Symantec Veritas Backup Exec 12.5
8 Application Symantec Veritas Backup Exec 11D
9 Application Symantec Veritas Cluster Server 3.5 Hp-ux
10 Application Symantec Veritas Cluster Server 4.0 AIX
11 Application Symantec Veritas Cluster Server 4.0 Linux
12 Application Symantec Veritas Cluster Server 4.1 Solaris
13 Application Symantec Veritas Cluster Server 4.1 Hp-ux
14 Application Symantec Veritas Cluster Server 4.1 Linux
15 Application Symantec Veritas Cluster Server 5.0 Hp-ux
16 Application Symantec Veritas Cluster Server 5.0 AIX
17 Application Symantec Veritas Cluster Server 5.0 Solaris
18 Application Symantec Veritas Cluster Server 5.0 Linux
19 Application Symantec Veritas Cluster Server Management Console 5.1
20 Application Symantec Veritas Cluster Server Management Console 5.5
21 Application Symantec Veritas Cluster Server Management Console 5.5.1
22 Application Symantec Veritas Cluster Server One 2.0
23 Application Symantec Veritas Cluster Server One 2.0.1
24 Application Symantec Veritas Cluster Server One 2.0.2
25 Application Symantec Veritas Command Central Enterprise Reporter 5.0mp1
26 Application Symantec Veritas Command Central Enterprise Reporter 5.0mp1rp1
27 Application Symantec Veritas Command Central Enterprise Reporter 5.0 Ga
28 Application Symantec Veritas Command Central Enterprise Reporter 5.1
29 Application Symantec Veritas Command Central Storage 4.X
30 Application Symantec Veritas Command Central Storage 5.0
31 Application Symantec Veritas Command Central Storage 5.1
32 Application Symantec Veritas Command Central Storage Change Manager 5.0
33 Application Symantec Veritas Command Central Storage Change Manager 5.1
34 Application Symantec Veritas Micromeasure 5.0
35 Application Symantec Veritas Netbackup Operations Manager 6.0 Ga
36 Application Symantec Veritas Netbackup Operations Manager 6.5.5
37 Application Symantec Veritas Netbackup Reporter 6.0 Ga
38 Application Symantec Veritas Netbackup Reporter 6.6
39 Application Symantec Veritas Storage Foundation 3.5 Onwards
40 Application Symantec Veritas Storage Foundation 3.5
41 Application Symantec Veritas Storage Foundation Cluster File System 3.5 Hp-ux
42 Application Symantec Veritas Storage Foundation Cluster File System 4.0 Linux
43 Application Symantec Veritas Storage Foundation Cluster File System 4.0 Hp-ux
44 Application Symantec Veritas Storage Foundation Cluster File System 4.0 AIX
45 Application Symantec Veritas Storage Foundation Cluster File System 4.0 Solaris
46 Application Symantec Veritas Storage Foundation Cluster File System 4.1 Solaris
47 Application Symantec Veritas Storage Foundation Cluster File System 4.1 Linux
48 Application Symantec Veritas Storage Foundation Cluster File System 4.1 AIX
49 Application Symantec Veritas Storage Foundation Cluster File System 4.1 Hp-ux
50 Application Symantec Veritas Storage Foundation Cluster File System 5.0 Hp-ux
51 Application Symantec Veritas Storage Foundation Cluster File System 5.0 Solaris
52 Application Symantec Veritas Storage Foundation Cluster File System 5.0 Linux
53 Application Symantec Veritas Storage Foundation Cluster File System 5.0 AIX
54 Application Symantec Veritas Storage Foundation Cluster File System For Oracle Rac 5.0 Linux
55 Application Symantec Veritas Storage Foundation For Db2 4.1 Linux
56 Application Symantec Veritas Storage Foundation For Db2 4.1 Solaris
57 Application Symantec Veritas Storage Foundation For Db2 5.0 Solaris
58 Application Symantec Veritas Storage Foundation For Db2 5.0 Linux
59 Application Symantec Veritas Storage Foundation For Db2 5.0 AIX
60 Application Symantec Veritas Storage Foundation For High Availability 3.5
61 Application Symantec Veritas Storage Foundation For Oracle 4.1
62 Application Symantec Veritas Storage Foundation For Oracle 5.0
63 Application Symantec Veritas Storage Foundation For Oracle 5.0.1
64 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 3.5 Hp-ux
65 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 4.0 AIX
66 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 4.0 Linux
67 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 4.1 Linux
68 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 4.1 Solaris
69 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 4.1 Hp-ux
70 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 5.0 Linux
71 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 5.0 AIX
72 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 5.0 Hp-ux
73 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 5.0 Solaris
74 Application Symantec Veritas Storage Foundation For Oracle Real Application Cluster 5.0
75 Application Symantec Veritas Storage Foundation For Sybase 4.1 Solaris
76 Application Symantec Veritas Storage Foundation For Sybase 5.0 Solaris
77 Application Symantec Veritas Storage Foundation For Windows High Availability 4.3mp2
78 Application Symantec Veritas Storage Foundation For Windows High Availability 5.0rp2
79 Application Symantec Veritas Storage Foundation For Windows High Availability 5.0rp1a
80 Application Symantec Veritas Storage Foundation For Windows High Availability 5.0
81 Application Symantec Veritas Storage Foundation For Windows High Availability 5.1ap1
82 Application Symantec Veritas Storage Foundation For Windows High Availability 5.1
83 Application Symantec Veritas Storage Foundation Manager 1.0
84 Application Symantec Veritas Storage Foundation Manager 1.0mp1
85 Application Symantec Veritas Storage Foundation Manager 1.1
86 Application Symantec Veritas Storage Foundation Manager 1.1.1ux
87 Application Symantec Veritas Storage Foundation Manager 1.1.1win
88 Application Symantec Veritas Storage Foundation Manager 2.0

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Symantec Backup Exec Continuous Protection Server 3
Symantec Veritas Application Director 2
Symantec Veritas Backup Exec 3
Symantec Veritas Cluster Server 10
Symantec Veritas Cluster Server Management Console 3
Symantec Veritas Cluster Server One 3
Symantec Veritas Command Central Enterprise Reporter 4
Symantec Veritas Command Central Storage 3
Symantec Veritas Command Central Storage Change Manager 2
Symantec Veritas Micromeasure 1
Symantec Veritas Netbackup Operations Manager 2
Symantec Veritas Netbackup Reporter 2
Symantec Veritas Storage Foundation (3.5 Onwards) 1
Symantec Veritas Storage Foundation 1
Symantec Veritas Storage Foundation Cluster File System 13
Symantec Veritas Storage Foundation Cluster File System For Oracle Rac 1
Symantec Veritas Storage Foundation For Db2 5
Symantec Veritas Storage Foundation For High Availability 1
Symantec Veritas Storage Foundation For Oracle 3
Symantec Veritas Storage Foundation For Oracle Real Application Cluster 11
Symantec Veritas Storage Foundation For Sybase 2
Symantec Veritas Storage Foundation For Windows High Availability 6
Symantec Veritas Storage Foundation Manager 6

- References For CVE-2009-3027

ZDI-09-098: http://www.zerodayinitiative.com/advisories/ZDI-09-098/
SECUNIA 37631: http://secunia.com/advisories/37631
SECUNIA 37637: http://secunia.com/advisories/37637
SECTRACK 1023309: http://securitytracker.com/id?1023309
SECTRACK 1023312: http://securitytracker.com/id?1023312
SECUNIA 37685: http://secunia.com/advisories/37685
VUPEN ADV-2009-3467: http://www.vupen.com/english/advisories/2009/3467
CONFIRM (Symantec advisory SYM09-017, 2009-12-09): http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091209_00
SECTRACK 1023318: http://www.securitytracker.com/id?1023318
SECTRACK 1023313: http://www.securitytracker.com/id?1023313
SECTRACK 1023311: http://www.securitytracker.com/id?1023311
BID 37012 (Symantec Veritas VRTSweb Incoming Data Remote Code Execution Vulnerability, release date 2010-01-05): http://www.securityfocus.com/bid/37012
BUGTRAQ 20091209 (ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability): http://www.securityfocus.com/archive/1/archive/1/508358/100/0/threaded
CONFIRM: http://seer.entsupport.symantec.com/docs/337392.htm
CONFIRM: http://seer.entsupport.symantec.com/docs/337293.htm
CONFIRM: http://seer.entsupport.symantec.com/docs/337279.htm
CONFIRM: http://seer.entsupport.symantec.com/docs/336988.htm
HP HPSBUX02480: http://marc.info/?l=bugtraq&m=126046186917330&w=2
XF multiple-symantec-vrtsweb-code-execution(54665): http://xforce.iss.net/xforce/xfdb/54665
VUPEN ADV-2009-3483: http://www.vupen.com/english/advisories/2009/3483
CONFIRM: http://seer.entsupport.symantec.com/docs/337930.htm
CONFIRM: http://seer.entsupport.symantec.com/docs/337859.htm

- Metasploit Modules Related To CVE-2009-3027

There are no Metasploit modules related to this vulnerability (visit www.metasploit.com for more information).


CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.