APP: Quest NetVault SmartDisk libnvbasics.dll Denial Of Service
A denial of service vulnerability has been reported in Quest's (formerly BakBone) NetVault SmartDisk backup application. Specifically, an input validation error exists in libnvbasics.dll, which is used by the percolatorslave.exe service listening on TCP port 37452. A remote unauthenticated attacker can exploit this vulnerability to cause a denial of service condition.
Extended Description
NetVault: SmartDisk is prone to a remote denial-of-service vulnerability. A successful exploit will cause the application to crash, effectively denying service. NOTE: Remote code execution may be possible; however, this has not been confirmed. NetVault: SmartDisk versions 1.2.2 and prior are affected.
Affected Products
Bakbone netvault:_smartdisk
Short Name
APP:MISC:QUEST-NETVAULT-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Denial NetVault Of Quest Service SmartDisk bid:48029 libnvbasics.dll
Release Date
06/16/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/37452
False Positive
Unknown
Vendors
Bakbone