Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Vigil@nce: Symantec Veritas, remote access via Scheduler Service

August 2008 by Vigil@nce


An attacker can use the port of Scheduler Service, to send it packets in order to execute code.

Gravity: 2/4

Consequences: data flow

Provenance: internet client

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 18/08/2008

Identifier: VIGILANCE-VUL-8033


- Symantec Antivirus [confidential versions]
- Symantec Enterprise Security Manager
- Symantec Gateway Security [confidential versions]
- Symantec Norton AntiVirus


The Symantec Scheduler service waits for messages from clients to download security updates.

The port is always open, it is possible to send it packets to change the service behavior.

An attacker can therefore send messages to the scheduler service, in order to execute code.


Identifiers: 306386, BID-30596, SYM08-015, VIGILANCE-VUL-8033

See previous articles


See next articles