Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Symantec Veritas, remote access via Scheduler Service

August 2008 by Vigil@nce

SYNTHESIS

An attacker can use the port of Scheduler Service, to send it packets in order to execute code.

Gravity: 2/4

Consequences: data flow

Provenance: internet client

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 18/08/2008

Identifier: VIGILANCE-VUL-8033

IMPACTED PRODUCTS

- Symantec Antivirus [confidential versions]
- Symantec Enterprise Security Manager
- Symantec Gateway Security [confidential versions]
- Symantec Norton AntiVirus

DESCRIPTION

The Symantec Scheduler service waits for messages from clients to download security updates.

The port is always open, it is possible to send it packets to change the service behavior.

An attacker can therefore send messages to the scheduler service, in order to execute code.

CHARACTERISTICS

Identifiers: 306386, BID-30596, SYM08-015, VIGILANCE-VUL-8033

https://vigilance.aql.fr/tree/1/8033




See previous articles

    

See next articles