Authentication Bypass in Symantec Storage Foundation Scheduler Service
CVE-2007-2279
Currently unrated
What is CVE-2007-2279?
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 contains a vulnerability that enables remote attackers to bypass authentication mechanisms. By sending crafted requests to the service socket, attackers can manipulate registry values under Veritas\VxSvc\CurrentVersion\Schedules, allowing for the execution of arbitrary commands at a future time through PreScript or PostScript configurations. This flaw can potentially lead to significant security risks if exploited.