Vulnerability Details : CVE-2006-4128
Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message.
Vulnerability category: Execute codeDenial of service
Products affected by CVE-2006-4128
- cpe:2.3:a:symantec_veritas:backup_exec:10.1.326.3301:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.1.327.401:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.0_build10.0.5520:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.1.325.6301:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.1_build9.1.4691:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:9.2:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.1.326.1401:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.1.326.2501:*:*:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.0:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.0_build10.0.5484:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.1:*:windows_server_remote_agent:*:*:*:*:*
- cpe:2.3:a:symantec_veritas:backup_exec:10.1_build10.1.5629:*:windows_server_remote_agent:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-4128
7.88%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-4128
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
References for CVE-2006-4128
-
http://securitytracker.com/id?1016683
-
http://www.kb.cert.org/vuls/id/647796
US Government Resource
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/28336
-
http://www.securityfocus.com/bid/19479
-
http://securityreason.com/securityalert/1380
-
http://www.securityfocus.com/archive/1/443037/100/0/threaded
-
http://www.vupen.com/english/advisories/2006/3266
-
http://seer.entsupport.symantec.com/docs/284623.htm
Vendor Advisory
-
http://securityresponse.symantec.com/avcenter/security/Content/2006.08.11.html
Jump to