Veritas Backup Exec Remote Agent Critical Vulnerability

June 2005
CVE: CAN-2005-0773
Veritas: VX05-002

Another vulnerability has been found in Backup Exec. This one affects the Backup Exec Remote Agent listening on tcp/10000. Because there is an active exploit and this service usually runs on servers or other important systems, all FNAL systems using Backup Exec services must be patched to the latest patch level (and must continue to be updated as new patches from Veritas are made available). A few Backup Exec vulnerabilities have been released over the past few months, along with one released at the same time as this Remote Agent vulnerability that affects the Backup Exec server itself. At this time there is no declaration preventing exposure of Backup Exec services to the Internet (though one may be forthcoming), but it is HIGHLY RECOMMENDED that you implement host-based access controls on all of your Backup Exec and Backup Exec Client installations to prevent exposure of the Backup Exec services to the general Internet.

See http://seer.support.veritas.com/docs/276604.htm for details about this vulnerability. Consult the Veritas web site for the current patches for your installed version of Backup Exec.

For assistance contact helpdesk@fnal.gov.
Information compiled and maintained by the Computer Security Team; last modified by TR on July 13, 2006.
(Address comments about this page to the Computer Security Team.)