SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Symantec Ghost Vendors:   Symantec
Symantec Ghost Solution Suite Authentication Bug Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1019356
SecurityTracker URL:  http://securitytracker.com/id/1019356
CVE Reference:   CVE-2008-0640   (Links to External Site)
Date:  Feb 8 2008
Impact:   Execution of arbitrary code via network, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.1, 2.0.0, 2.0.1
Description:   A vulnerability was reported in Symantec Ghost Solution Suite. A remote user can execute arbitrary code on the target system.

The system does not properly authenticate communications between the Ghost Console and the Ghost Management Agent. A remote user on the local network can conduct an ARP spoofing attack to impersonate a Ghost server and execute arbitrary commands on the target Ghost client. The commands will run with System privileges.

Only systems that use the Ghost Console or the Ghost Management Agent are affected.

Nicolas Pouvesle of Tenable Security reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (1.1 patch 2 and 2.0.2).

The Symantec advisory is available at:

http://securityresponse.symantec.com/avcenter/security/Content/2008.02.07.html

Vendor URL:  securityresponse.symantec.com/avcenter/security/Content/2008.02.07.html (Links to External Site)
Cause:   Authentication error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC