Vulnerability

    BackupExec

Affected

    Veritas BackupExec

Description

    Ari Saastamoinen found following.  He is using Backup system  from
    Veritas Software  and its  Linux agent.   That agent  is listening
    TCP-socket (8192 in my system) and if someone makes connection  to
    that  socket,  but  do  not  send  anything to it, the agent hangs
    forever,  even  if  you   close  that  connection.   For   example
    portscanners make it to hang.

    It is possible  that the software  is not using  select() function
    calls before read() calls and it is not using threads either.

    This will work on any  of the desktop agents (tested AIX, Solaris,
    Mac and win95).

Solution

    Ari reported that to  the Veritas and they  replied "Unfortunately
    our Backup Exec Desktop Products  do not support backing up  Linux
    machines.  I'm  afraid we would  be unable to  assist you in  this
    instance, however thank you for your interest."

    Legato Networker has no such problem.