Malicious code to exploit a vulnerability in Veritas Software's Backup Exec Remote Agent for Windows is publicly available, the US Computer Emergency Readiness Team said in an alert Thursday in the US. The organisation has received reports of attacks and has seen an increase in scanning activity on TCP Port 10000, an indication that hackers are looking for vulnerable systems.
The buffer overflow flaw in the Veritas software could allow an intruder to gain control of a vulnerable system. The tool is used to trigger backup of data on Microsoft Windows servers, to protect the data from computer crashes, storage system catastrophes and other risks. It listens for commands addressed to TCP Port 10000 and accepts links to the backup server before the backup. However, it fails to properly validate incoming packets, Veritas said in an advisory last week.
The Backup Exec Remote Agent bug is one of several flaws in Backup Exec products that Veritas provided fixes for last week. The problem was discovered by security company iDefense, the storage company said.
The company and US-CERT are urging companies to apply the patches. For protection, they could also use a firewall to filter traffic on Port 10000 to accept only commands from backup servers, US-CERT said.
A Veritas representative said the company is not aware of any attacks on customer systems.
Veritas is in the process of merging with security specialist Symantec.
Mr AT Alishtari, the founder and POA of EDI Secure LLLP, that owns the patent on single use credit card number ID in the US. He says cyber mafias do not see the U.S. Federal 4th of July holiday like citizens do. To cyber mafia, the Bastille Day in France, the 4th of July in the U.S or the Federal holidays in Canada or Australia are just another opportunity to test infiltration software since the good guys are out watching fireworks.
Mr. Alishtari still asks why doesn't industry take private ID offline in a non-data EDI? The answer is it is not a big IT software or hardware company solution even if it works. The Chinese, Germans and U.K. now take private ID offline by using two factor authentification with an offline device and the next step is backing up data on non-online EDI's.
The creation of a safe place online should be a global priority to all industries related to private ID protection.