Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0640

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0640
Last Modified 25 Jul 2011 12:00:00
Published 07 Feb 2008 09:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0640

Summary

Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing.

Vulnerable Systems

Application

  • Symantec Ghost Solutions Suite 1.1

  • Symantec Ghost Solutions Suite 2.0.0

  • Symantec Ghost Solutions Suite 2.0.1


References

CONFIRM - http://www.symantec.com/avcenter/security/Content/2008.02.07.html

VUPEN - ADV-2008-0474

SECTRACK - 1019356

BID - 27644

SECUNIA - 28853


Last Updated: 27 May 2016 10:46:52