CVE

Id
21006  
CVE No.
CVE-2006-4902  
Status
Candidate  
Description
The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands.  
Phase
Assigned (20060920)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
199163 21006 CVE-2006-4902 ISS:20061213 Symantec Veritas Netbackup 5.0/5.1 and 6.0 Logic Vulnerability  View
199164 21006 CVE-2006-4902 URL:http://www.iss.net/threats/247.html  View
199165 21006 CVE-2006-4902 CONFIRM:http://www.symantec.com/avcenter/security/Content/2006.12.13a.html  View
199166 21006 CVE-2006-4902 CERT-VN:VU#252936  View
199167 21006 CVE-2006-4902 URL:http://www.kb.cert.org/vuls/id/252936  View
199168 21006 CVE-2006-4902 BID:21565  View
199169 21006 CVE-2006-4902 URL:http://www.securityfocus.com/bid/21565  View
199170 21006 CVE-2006-4902 VUPEN:ADV-2006-4999  View
199171 21006 CVE-2006-4902 URL:http://www.vupen.com/english/advisories/2006/4999  View
199172 21006 CVE-2006-4902 SECTRACK:1017379  View
199173 21006 CVE-2006-4902 URL:http://securitytracker.com/id?1017379  View
199174 21006 CVE-2006-4902 SECUNIA:23368  View
199175 21006 CVE-2006-4902 URL:http://secunia.com/advisories/23368  View
199176 21006 CVE-2006-4902 XF:backup-invalid-input(27638)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
60931 JVNDB-2006-003197 Qualiteam X-Cart の cmpi.php における任意のプログラム変数を上書きされる脆弱性 Qualiteam X-Cart の cmpi.php は、動的変数評価に不備があるため、任意のプログラム変数を上書きされる、および任意の PHP コードを実行される脆弱性が存在します。 CVE-2006-4904 21006 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003197.html  View