Denial of Service Vulnerability in Symantec Ghost Configuration Server
CVE-2001-0598

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Ghost
Vendor: CVE Published:; 2 August 2001

Summary

Symantec Ghost versions 6.5 and earlier are susceptible to a denial of service attack. An attacker can exploit this vulnerability by sending excessively large data packets (greater than 45KB) to the Ghost Configuration Server operating on port 1347. The server fails to adequately handle such large inputs, resulting in a denial of service condition, effectively disrupting the service for legitimate users.

References

http://www.securityfocus.com/bid/2570

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/6357

vdb-entryx_refsource_XF

http://archives.neohapsis.com/archives/bugtraq/2001-04/01...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Aug 2, 2001
Vulnerability Reserved
Jul 27, 2001