Veritas flaw lets hackers access files
Hackers are exploiting an unpatched vulnerability in Symantec's Veritas Backup Exec Agent for Windows servers.
A flaw in the product's Network Data Management Protocol system potentially allows attackers to gain access to users' systems and download files. The flaw has been reported by both the Fr-SIRT (French Security Incident Response Team) and the SANS Internet Storm Centre.
Users have been advised to block or restrict access to TCP (Transmission Control Protocol) port 10000, which uses the flawed system.
US Cert, the computer security readiness team, also urged users to deploy host-based firewalls in addition to network-based firewalls, which can help restrict access to specific hosts.
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.