Remote Command Execution Vulnerability in Symantec Ghost Solution Suite
CVE-2008-0640

Currently unrated

Key Information:

Vendor: Symantec
Status: Ghost Solutions Suite
Vendor: CVE Published:; 8 February 2008

Summary

The vulnerability in Symantec Ghost Solution Suite allows attackers to execute arbitrary commands due to a lack of authentication between the management console and the management agent. This vulnerability can be exploited through unspecified Remote Procedure Call (RPC) requests, particularly when combined with ARP spoofing techniques. As a result, malicious actors could potentially manipulate system commands and compromise the integrity of the affected systems.

References

http://secunia.com/advisories/28853

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/0474

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1019356

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Feb 8, 2008
Vulnerability Reserved
Feb 6, 2008