Symantec has released a patch for its Veritas NetBackup software, saying it had discovered a buffer overflow vulnerability in the application. The flaw exists in the web programming language PHP, which NetBackup is partially written in. Successful exploitation would result in the attacker being able to take control of the affected system remotely.
This is the second time the NetBackup application has been found to have a buffer overflow issue. The last one was discovered in January, and was made worse when a security firm publicly disclosed exploit code for the issue. In this case, no known exploit is yet available, Symantec said in an advisory.