Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-2611

VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.

Security Impact Summary

CVE-2005-2611 is a security vulnerability that . Impacting 3 products from symantec_veritas, from symantec_veritas, from symantec_veritas organizations running these solutions should prioritize assessment and patching.

Historical Context

Originally identified in 2005, this vulnerability predates many modern security frameworks and practices. The vulnerability landscape of that era was characterized by different threat models and less mature defense mechanisms compared to contemporary standards.

Published

2005-08-17T04:00:00.000

Last Modified

2026-04-16T00:27:16.627

Status

Modified

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	symantec_veritas	backup_exec	netware_servers_9.0.4019	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.0.4170	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.0.4172	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.0.4174	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.0.4202	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.306	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.307	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1067_.2	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1067_.3	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1127_.1	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1151_.1	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1152	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1152_.4	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1154	Yes
Application	symantec_veritas	backup_exec	netware_servers_9.1.1156	Yes
Application	symantec_veritas	backup_exec	windows_servers_8.6	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.0	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.0_rev._4367	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.0_rev._4367_sp1	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.0_rev._4454	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.0_rev._4454_sp1	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.1	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.1_rev._4691	Yes
Application	symantec_veritas	backup_exec	windows_servers_9.1_rev._4691_sp2	Yes
Application	symantec_veritas	backup_exec	windows_servers_10.0_rev._5484	Yes
Application	symantec_veritas	backup_exec	windows_servers_10.0_rev._5484_sp1	Yes
Application	symantec_veritas	backup_exec	windows_servers_10.0_rev._5520	Yes
Application	symantec_veritas	backup_exec_remote_agent	netware_server	Yes
Application	symantec_veritas	backup_exec_remote_agent	unix_linux_server	Yes
Application	symantec_veritas	backup_exec_remote_agent	windows_server	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp1	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp2	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp3	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp4	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp5	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp6	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp7	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_fp8	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp1	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp2	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp3	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp4	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp5	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp6	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp7	Yes
Application	symantec_veritas	netbackup	netware_media_servers_4.5_mp8	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.0	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.0_mp1	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.0_mp2	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.0_mp3	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.0_mp4	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.0_mp5	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.1	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.1_mp1	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.1_mp2	Yes
Application	symantec_veritas	netbackup	netware_media_servers_5.1_mp3	Yes

References

http://secunia.com/advisories/16403 Patch, Vendor Advisory ([email protected])
http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html Patch, Vendor Advisory ([email protected])
http://securitytracker.com/id?1014662 Exploit, Patch, Vendor Advisory ([email protected])
http://www.kb.cert.org/vuls/id/378957 Patch, Third Party Advisory, US Government Resource ([email protected])
http://www.securityfocus.com/bid/14551 Exploit ([email protected])
http://www.us-cert.gov/cas/techalerts/TA05-224A.html Third Party Advisory, US Government Resource ([email protected])
http://www.vupen.com/english/advisories/2005/1387 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/21793 ([email protected])
http://secunia.com/advisories/16403 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1014662 Exploit, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/378957 Patch, Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/14551 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA05-224A.html Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2005/1387 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21793 (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For symantec_veritas's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.