Haven't seen this posted so...

A flaw in the product's Network Data Management Protocol agent could allow an attacker to gain access to the system and download files, the Fr-SIRT (French Security Incident Response Team) said in a statement Friday. Fr-SIRT rates the vulnerability as "critical."

Symantec, which acquired Veritas in July of this year, says it is "not aware of any vendor-supplied patches for this issue," according to its alert. The company recommends that users block access to the TCP (Transmission Control Protocol) port that uses the service in question, port 10000.


http://www.infoworld.com/article/05/...tasflaw_1.html
Attacks reported for critical Veritas Backup Exec flaw | InfoWorld | News | 2005-08-12 | By Robert McMillan, IDG News Service