Authentication Bypass in Symantec Storage Foundation Scheduler Service
CVE-2007-2279

Currently unrated

Key Information:

Vendor

Symantec
Status
Veritas Storage Foundation
Vendor
CVE Published:
4 June 2007

What is CVE-2007-2279?

The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 contains a vulnerability that enables remote attackers to bypass authentication mechanisms. By sending crafted requests to the service socket, attackers can manipulate registry values under Veritas\VxSvc\CurrentVersion\Schedules, allowing for the execution of arbitrary commands at a future time through PreScript or PostScript configurations. This flaw can potentially lead to significant security risks if exploited.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.symantec.com/avcenter/security/Content/2007.06...
x_refsource_CONFIRM
http://secunia.com/advisories/25537
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/470562/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.