| VID | 12095 |
| Severity | 40 |
| Port | 4888 |
| Protocol | TCP |
| Class | Daemon |
| Detailed Description |
The Windows host is running a version of Symantec Storage Foundation that is affected by an authentication bypass vulnerability. The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Microsoft Windows 5.0 could allow a remote attacker to bypass authentication and execute arbitrary code on the affected host. By sending specially crafted requests to the TCP service listening on port 4888, a remote attacker could bypass the built-in authentication in the management console and possibly manipulate the registry with arbitrary commands, which could be executed during regularly scheduled runs.
* References:
  * http://www.symantec.com/avcenter/security/Content/2007.06.01.html
  * http://www.securityfocus.com/archive/1/archive/1/470562/100/0/threaded
  * http://seer.entsupport.symantec.com/docs/288627.htm
  * http://www.frsirt.com/english/advisories/2007/2035
  * http://www.securitytracker.com/id?1018188
  * http://secunia.com/advisories/25537
* Platforms Affected:
  * Symantec Veritas Storage Foundation 5.0
  * Microsoft Windows Any version |
| Recommendation | Apply the appropriate patch for this vulnerability, as listed in Symantec Security Bulletin SYM07-009 at http://www.symantec.com/avcenter/security/Content/2007.06.01.html |
| Related URL | CVE-2007-2279 (CVE) |
| Related URL | 24194 (SecurityFocus) |
| Related URL | 34680 (ISS) |