Symantec Backup Exec DoS and Phishing Survey

Symantec Backup Exec for Windows Servers is vulnerable to denial of service. There are two different issues that could cause a denial of service, one being a NULL pointer reference that can cause the backup exec job engine service to crash with a specially crafted packet sent to TCP port 5633. Two integer overflows within the engine, triggered by a specially crafted packet to port 5633 can cause the service to enter an infinite loop consuming large amounts of CPU time. Backup Exec version 11d build 11.0.7170 and version 11d build 11.0.6.6235 are affected. Users should upgrade to versions Build 11.0.7170 and Build 11.0.6235 respectively.

We found a survey published today that some of you may be interested in. Cloudmark Inc., an anti-spam, anti-phishing outfit, released a survey about phishing sites, and the effects on the perception of the company being phished. It seems that some people (42% of the people surveyed) would have their trust in the brand “greatly reduced” after receiving a phishing email claiming to be from them. Now, of course the phishing email has absolutely nothing to do with the actual company, but it still seems to leave an impression. If the results of this survey can be trusted, it looks like some consumers need to be educated about phishing attacks and the relation to the brand.

Leave a Reply