VERITAS Backup Exec and NetBackup are affected by a remote access
vulnerability allowing unauthorized access and downloading of arbitrary
files. An encrypted but static password is transferred during the
authentication process between the agent and the server that, when
properly manipulated can be leveraged to gain remote access to the
application and download arbitrary files from and to the backup server.