Veritas flaw opens systems to data theft

French security research firm FrSIRT has issued a warning of a flaw in Veritas' backup software.

The vulnerability affects Backup Exec versions 10, 9.1, 9.0 and 8.x for Windows server. The security hole could allow remote hackers to access the system and steal data. FrSIRT gave the hole its highest security rating of " critical". 

The SANS Internet Storm Center on Thursday reported that it has already seen an increase in scans for port 10000, which the vulnerability targets. SANS advises users of the backup product to block all access to it from untrusted networks.

A spokeswoman from Symantec, Veritas' parent company, confirmed the flaw to vnunet.com.

There is currently no patch available and the company could not provide an expected release date for a fix.

"Symantec strongly recommends its customers update their product signatures immediately," the spokeswoman said. "Symantec also recommends its Backup Exec customers block the Network Data Management Protocol port (NDMP, TCP port 10000).

The company published a security advisory on its website to inform customers.

There initially was some confusion about which versions of the software were affected. Symantec at first only listed version numbers 8.0, 8.5 and 8.6 as vulnerable. The company promised to soon post an updated version of its advisory, which by late Friday afternoon wasn't yet available.