01:17 PM

Symantec Patches Bug That Allows Remote Control

The vulnerability in Symantec's Veritas NetBackup PureDisk application was called "moderately critical."

Symantec on Wednesday patched a vulnerability in its Veritas NetBackup PureDisk application that left unfixed could let attackers worm their way into systems and gain control over the machines.

The bug, which Danish vulnerability tracker Secunia pegged as "moderately critical," was found during an internal security code review, Symantec said in an alert posted on its support site.

Although NetBackup PureDisk's management console is by default accessible only through an SSL connection, it was possible for an unauthorized users to bypass the authentication scheme and elevate their access rights to wrest complete control of the server.

Symantec issued an update dubbed "Maintenance Pack 1" to fix the flaw. The update can be downloaded from the Cupertino, Calif.-based security vendor's site.

Symantec's Veritas products have been hit hard by vulnerabilities in the last year. In January, for instance, Symantec warned of an exploit hunting for a bug that had been patched in November 2005. Last summer, the company notified users that various backup titles were afflicted with 8 different flaws.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest August 03, 2015
The networking industry agrees that software-defined networking is the way of the future. So where are all the deployments? We take a look at where SDN is being deployed and what's getting in the way of deployments.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 26, 2015.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.