Symantec Storage Foundation VxSchedService.EXE Scheduler Service Authentication Bypass Vulnerability
Info
| Bugtraq ID: | 24194 |
| Class: | Access Validation Error |
| CVE: | CVE-2007-2279 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 01 2007 12:00AM |
| Updated: | Jun 05 2007 08:00PM |
| Credit: | Aaron Portnoy of TippingPoint DVLabs is credited with discovering this issue. |
| Vulnerable: | Symantec Foundation for Windows 5.0 |
| Not Vulnerable: | |
Discussion
Symantec Storage Foundation is prone to an authentication-bypass vulnerability.
Attackers may exploit this issue to bypass the authentication mechanism in the management console and gain access to the scheduler service socket. This will allow attackers to add arbitrary commands to be executed during normal scheduled runs, compromising affected computers.
Since the affected service is not commonly exposed to unauthorized network hosts, the attacker must have local network access to exploit this issue.
This issue affects Symantec Storage Foundation 5.0 for Windows.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Solution:
Symantec has released an advisory and fixes to address this issue. Please see the references for more information.
References
References:
- SYM07-009: Symantec Storage Foundation for Windows Volume Manager: Authenticatio (Symantec)
- Symantec Homepage (Symantec)
- TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication (TippingPoint)
- Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vul (TippingPoint Digital Vaccine Laboratories)