SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Symantec Reporting Server Vendors:  Symantec
Symantec Reporting Server Lets Remote Users Execute Arbitrary Code or Obtain the Administrative Password
SecurityTracker Alert ID:  1018196
SecurityTracker URL:  http://securitytracker.com/id?1018196
CVE Reference:  CVE-2007-3021 ,  CVE-2007-3022   (Links to External Site)
Date:  Jun 5 2007
Impact:  Disclosure of authentication information, Execution of arbitrary code via network, Modification of system information, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Advisory:  Symantec Advisory
Version(s): 1.0.197.0
Description:  Two vulnerabilities were reported in Symantec Reporting Server. A remote user can execute arbitrary code on the target system. A remote user can determine the administrative password.

A remote user can modify a file that is created when exporting data from the Reporting Server to be an executable file [CVE-2007-3021]. Then, the remote user can execute the file with the privileges of the target service.

Symantec credits Ertunga Arsal of Tech Data GmbH & Co. OHG with reporting this vulnerability.

A remote user can obtain the hashed administrative password during a failed login attempt [CVE-2007-3022]. Then, the remote user can use this hashed password to gain administrative access to the target Reporting Server.

Symantec credits Mikko Korppi with reporting this vulnerability.
Impact:  A remote user can execute arbitrary code on the target system.

A remote user can determine the administrative password.
Solution:  The vendor has issued a fixed version (1.0.224.0).

The fixed version is included within Symantec AntiVirus Corporate Edition 10.1 MR6 build 6000 (10.1.6.6000) or later and within Symantec Client Security 3.1 MR6 build 6000 (3.1.6.6000) or later.

The Symantec advisories are available at:

http://securityresponse.symantec.com/avcenter/security/Content/2007.06.05.html
http://securityresponse.symantec.com/avcenter/security/Con tent/2007.06.05a.html
Vendor URL:  securityresponse.symantec.com/avcenter/security/Content/2007.06.05.html (Links to External Site)
Cause:  Access control error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Tue, 5 Jun 2007 14:42:23 -0400
Subject:  Symantec Reporting Server

 
 
http://securityresponse.symantec.com/avcenter/security/Content/2007.06.05.html
http://securityresponse.symantec.com/avcenter/security/Content/2007.06.05a.html
 
CVE-2007-3021
CVE-2007-3022


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC