Remote Code Execution Vulnerability in Symantec Veritas Storage Foundation Management Console
CVE-2008-3703

Currently unrated

Key Information:

Vendor: Symantec
Status: Veritas Storage Foundation
Vendor: CVE Published:; 18 August 2008

Summary

The Volume Manager Scheduler Service in Symantec Veritas Storage Foundation for Windows is vulnerable due to its acceptance of NULL NTLMSSP authentication. This flaw allows remote attackers to exploit the service by sending specially crafted requests that can manipulate registry values for 'snapshot schedules'. Consequently, attackers could execute arbitrary code. This vulnerability is a continuation of issues stemming from CVE-2007-2279, indicating that a previous fix was insufficient.

References

http://secunia.com/advisories/31486

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/495481

mailing-listx_refsource_BUGTRAQ

http://www.zerodayinitiative.com/advisories/ZDI-08-053/

x_refsource_MISC

EPSS Score

40% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 18, 2008
Vulnerability Reserved
Aug 18, 2008