exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free https://packetstormsecurity.com/files/143192/ssl_uaf.rb.txt https://packetstormsecurity.com/files/143192/ssl_uaf.rb.txt https://packetstormsecurity.com/files/143192/Veritas-Symantec-Backup-Exec-SSL-NDMP-Connection-Use-After-Free.html Thu, 29 Jun 2017 14:26:50 GMT This Metasploit module exploits a use-after-free vulnerability in the handling of SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for Windows. When SSL is re-established on a NDMP connection that previously has had SSL established, the BIO struct for the connection's previous SSL session is reused, even though it has previously been freed. This Metasploit module supports 3 specific versions of the Backup Exec agent in the 14, 15 and 16 series on 64-bit and 32-bit versions of Windows and has been tested from Vista to Windows 10.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close