The vulnerability in Symantec's Veritas NetBackup PureDisk application was called "moderately critical."
Symantec on Wednesday patched a vulnerability in its Veritas NetBackup PureDisk application that left unfixed could let attackers worm their way into systems and gain control over the machines.
The bug, which Danish vulnerability tracker Secunia pegged as "moderately critical," was found during an internal security code review, Symantec said in an alert posted on its support site.
Although NetBackup PureDisk's management console is by default accessible only through an SSL connection, it was possible for an unauthorized users to bypass the authentication scheme and elevate their access rights to wrest complete control of the server.
Symantec's Veritas products have been hit hard by vulnerabilities in the last year. In January, for instance, Symantec warned of an exploit hunting for a bug that had been patched in November 2005. Last summer, the company notified users that various backup titles were afflicted with 8 different flaws.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.