VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
VRDA-091211-001
Symantec Veritas VRTSweb remote code execution, escalation of privilege
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091209_00

Symantec VRTSweb, a shared component shipped with many Symantec Veritas products, is susceptible to a remote code execution vulnerability.




About This Analysis Information
Analysis Information Provider:
 		JPCERT/CC
 		First Published:
 		2009-12-11
Source Information Category:
 		Advisory, Alert
 		Last Updated:
 		2009-12-11




Affected Product Tags
cpe:/a:symantec:veritas_storage_foundation     (Symantec Veritas Storage Foundation)
lapt:/a:symantec:backup_exec_continuous_protection_server     (Backup Exec Continuous Protection Server)
lapt:/a:symantec:veritas_application_director     (Veritas Application Director)
lapt:/a:symantec:veritas_backup_reporter     (Veritas Backup Reporter)
lapt:/a:symantec:veritas_cluster_server     (Veritas Cluster Server)
lapt:/a:symantec:veritas_cluster_server_management_console     (Veritas Cluster Server Management Console)
lapt:/a:symantec:veritas_cluster_server_one     (Veritas Cluster Server One)
lapt:/a:symantec:veritas_command_central_enterprise_reporter     (Veritas Command Central Enterprise Reporter)
lapt:/a:symantec:veritas_command_central_storage     (Veritas Command Central Storage)
lapt:/a:symantec:veritas_command_central_storage_change_manager     (Veritas Command Central Storage Change Manager)
lapt:/a:symantec:veritas_micromeasure     (Veritas MicroMeasure)
lapt:/a:symantec:veritas_netbackup_operations_manager     (Veritas NetBackup Operations Manager)
lapt:/a:symantec:veritas_storage_foundation_cluster_file_system     (Veritas Storage Foundation Cluster File System)
lapt:/a:symantec:veritas_storage_foundation_manager     (Veritas Storage Foundation Manager)
 


Vulnerability Analysis Results
[Information Source Reliability] [?]
Low [?]

Medium [?]
X High [?]
[Impact Level] [?]
Low [?]

Low-Medium [?]
Medium-High [?]
X High [?]
[Access Required] [?]
Physical [?]

Local [?]
X Non-routed [?]
Routed [?]
[Authentication] [?]
Privileged [?]

Standard [?]
Limited [?]
X None or Unnecessary [?]
[User Interaction Required] [?]
Complex [?]

Simple [?]
X None [?]
[Technical Difficulty] [?]
High [?]

Medium-High [?]
Low-Medium [?]
Low [?]
[Availability of Remediation] [?]
X Official Patch [?]

Official Workaround [?]
Unofficial Patch [?]
None [?]
[Incident Activity] [?]
X None [?]

Exploit or PoC [?]
Activity Observed [?]
Alternatives




References
Copyright © 2009 JPCERT/CC All Rights Reserved.