|
Symantec Ghost Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA19171
|
|
|
Release Date:
|
2006-03-08
|
|
Last Update:
|
2006-03-21
|
|
Popularity:
|
9,034 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Manipulation of data
Exposure of sensitive information
Privilege escalation
|
|
Where:
|
Local system
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Symantec Ghost 8.x
Symantec Ghost Solution Suite 1.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2006-1284
CVE-2006-1285
CVE-2006-1286
|
|
Description:
Three vulnerabilities have been reported in Symantec Ghost, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, modify certain data, and potentially gain escalated privileges.
1) Default administrator login id and password left behind during installation can be used by local users to modify or delete stored administrative tasks. This can be exploited to modify tasks to run arbitrary code on the local system.
2) Insecure permissions in the shared memory sections within the Sybase SQLAnywhere database used by Symantec Ghost can potentially be exploited to gain access to, and to modify information stored in the database.
3) A boundary error in the login dialog box of dbisqlc.exe which is installed as a part of the SQLAnywhere package, can cause a buffer overflow. This can potentially be exploited to gain access to information stored in the database that is not normally accessible.
The vulnerabilities have been reported in the following versions:
* Symantec Ghost 8.0.
* Symantec Ghost 8.2 (shipped as a part of Symantec Ghost Solutions Suite 1.0).
Solution:
Update to Symantec Ghost 8.3 that is shipped as a part of Symantec Ghost Solutions Suite 1.1.
Provided and/or discovered by:
The vendor credits Ollie Whitehouse, Symantec.
Changelog:
2006-03-21: Added CVE references.
Original Advisory:
http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
