CVE-2008-0640

Currently unrated

Key Information:

Vendor: Symantec
Status: Ghost Solutions Suite
Vendor: CVE Published:; 8 February 2008

Summary

Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing.

References

http://secunia.com/advisories/28853

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/0474

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1019356

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 8, 2008
Vulnerability Reserved
Feb 6, 2008