CAN 1999-0333
CVE 2000-0179
The second problem is in the OmniBack utility. There are a number of separate
vulnerabilities in OmniBack. The first could allow a remote attacker to
execute arbitrary commands by sending the server data which includes
certain OmniBack commands followed by semi-colons. The second could also
allow execution of commands remotely, by impersonating the OmniBack cell
server. The third vulnerability could allow a local user to overwrite
arbitrary files by creating a symbolic link from /tmp/util.tmp to the
file, which is subsequently overwritten. The fourth problem affects
OmniBack 2.55. An attacker could cause a denial-of-service by establishing
a number of connections to the server port. A similar denial-of-service
problem affects OmniBack 3.00 and 3.10.
To prevent the vulnerability in OmniBack from being exploited remotely, block port 5555 at the router. Note that this may interfere with other applications which use that port, such as personal-agent. If blocking the port is not possible, apply the patch; if that is not possible either, add access controls to inetd.sec. Note that applying access controls alone is not a complete solution.
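A check for the inetd.sec fallback described above, as an added example that is not part of the original advisory: it lists the service names mapped to port 5555 and reports whether each is enabled in inetd.conf and has an allow/deny entry in inetd.sec. The file formats, the sample entries and the service name `omni` are assumptions constructed for the demonstration; on a real host, point the functions at the system's own files.

```shell
#!/bin/sh
# Added example: audit inetd access controls for whatever service owns a TCP port.
# Assumed formats: services(4), inetd.conf(4), and inetd.sec lines of the
# form "<service> allow|deny <hosts...>".

# Print the service names mapped to PORT/tcp in a services file.
svc_for_port() {   # usage: svc_for_port SERVICES_FILE PORT
    awk -v p="$2/tcp" '{ sub(/#.*/, "") } $2 == p { print $1 }' "$1"
}

# Print one of: not-enabled | no-acl | acl
acl_status() {     # usage: acl_status SERVICE INETD_CONF INETD_SEC
    if ! awk -v s="$1" '{ sub(/#.*/, "") } $1 == s { f = 1 } END { exit !f }' "$2"
    then echo not-enabled; return 0; fi
    awk -v s="$1" '{ sub(/#.*/, "") }
        $1 == s && ($2 == "allow" || $2 == "deny") { f = 1 }
        END { print (f ? "acl" : "no-acl") }' "$3"
}

# Constructed sample files (not taken from any real host).
make_sample() {    # usage: make_sample DIR
    cat > "$1/services" <<'EOF'
personal-agent 5555/tcp   # the other user of the port noted above
omni           5555/tcp   # constructed entry for the backup agent
telnet         23/tcp
EOF
    cat > "$1/inetd.conf" <<'EOF'
omni stream tcp nowait root /path/to/agent agent
#telnet stream tcp nowait root /path/to/telnetd telnetd
EOF
    cat > "$1/inetd.sec" <<'EOF'
# telnet allow 192.0.2.*
EOF
}

# Print "service status" for every service name on PORT.
audit() {          # usage: audit DIR PORT
    for s in $(svc_for_port "$1/services" "$2"); do
        echo "$s $(acl_status "$s" "$1/inetd.conf" "$1/inetd.sec")"
    done
}

tmp=$(mktemp -d) && make_sample "$tmp" && audit "$tmp" 5555
rm -rf "$tmp"
```

A `no-acl` result means the service is enabled with no inetd.sec entry at all; an `acl` result only confirms that an entry exists, so the listed hosts still need review.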