Search

Find a vulnerability

Search criteria

    26 vulnerabilities found for norton_ghost by symantec

    CVE-2011-3477 (GCVE-0-2011-3477)

    Vulnerability from nvd – Published: 2018-02-19 19:00 – Updated: 2024-08-06 23:37
    VLAI
    Summary
    GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-11-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:37:47.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "47822",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47822"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-11-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-19T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "47822",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47822"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3477",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "47822",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47822"
                },
                {
                  "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00",
                  "refsource": "CONFIRM",
                  "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3477",
        "datePublished": "2018-02-19T19:00:00.000Z",
        "dateReserved": "2011-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:37:47.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1517 (GCVE-0-2009-1517)

    Vulnerability from nvd – Published: 2009-05-04 18:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-04-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.655Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1022120",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022120"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html"
              },
              {
                "name": "8523",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/8523"
              },
              {
                "name": "nortonghost-easysetupint-dos(50098)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50098"
              },
              {
                "name": "34696",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34696"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1022120",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022120"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html"
            },
            {
              "name": "8523",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/8523"
            },
            {
              "name": "nortonghost-easysetupint-dos(50098)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50098"
            },
            {
              "name": "34696",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34696"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1517",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1022120",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022120"
                },
                {
                  "name": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html",
                  "refsource": "MISC",
                  "url": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html"
                },
                {
                  "name": "8523",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/8523"
                },
                {
                  "name": "nortonghost-easysetupint-dos(50098)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50098"
                },
                {
                  "name": "34696",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34696"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1517",
        "datePublished": "2009-05-04T18:00:00.000Z",
        "dateReserved": "2009-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3666 (GCVE-0-2007-3666)

    Vulnerability from nvd – Published: 2007-07-10 19:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/43961 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24825 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/473187 mailing-listx_refsource_BUGTRAQ
    http://www.eleytt.com/advisories/eleytt_GHOST2.pdf x_refsource_MISC
    http://www.securityfocus.com/archive/1/473212 mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-05-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:51.283Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43961",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43961"
              },
              {
                "name": "24825",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24825"
              },
              {
                "name": "20070707 [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473187"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf"
              },
              {
                "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473212"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "43961",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43961"
            },
            {
              "name": "24825",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24825"
            },
            {
              "name": "20070707 [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473187"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf"
            },
            {
              "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473212"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3666",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43961",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43961"
                },
                {
                  "name": "24825",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24825"
                },
                {
                  "name": "20070707 [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473187"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf"
                },
                {
                  "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473212"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3666",
        "datePublished": "2007-07-10T19:00:00.000Z",
        "dateReserved": "2007-07-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:51.283Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3665 (GCVE-0-2007-3665)

    Vulnerability from nvd – Published: 2007-07-10 19:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/45802 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/473187 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/24826 vdb-entryx_refsource_BID
    http://www.eleytt.com/advisories/eleytt_GHOST1.pdf x_refsource_MISC
    http://www.securityfocus.com/archive/1/473212 mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-05-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:51.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45802",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/45802"
              },
              {
                "name": "20070707 [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473187"
              },
              {
                "name": "24826",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24826"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf"
              },
              {
                "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473212"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "45802",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/45802"
            },
            {
              "name": "20070707 [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473187"
            },
            {
              "name": "24826",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24826"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf"
            },
            {
              "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473212"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3665",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45802",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/45802"
                },
                {
                  "name": "20070707 [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473187"
                },
                {
                  "name": "24826",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24826"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf"
                },
                {
                  "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473212"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3665",
        "datePublished": "2007-07-10T19:00:00.000Z",
        "dateReserved": "2007-07-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:51.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3132 (GCVE-0-2007-3132)

    Vulnerability from nvd – Published: 2007-06-08 16:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/24323 vdb-entryx_refsource_BID
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/archive/1/470644/100… mailing-listx_refsource_BUGTRAQ
    http://www.securitytracker.com/id?1018200 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/2075 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/2805 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/25539 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/36106 vdb-entryx_refsource_OSVDB
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    Date Public
    2007-06-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:28.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "symantec-ghost-udp-dos(34745)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
              },
              {
                "name": "24323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24323"
              },
              {
                "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
              },
              {
                "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
              },
              {
                "name": "1018200",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018200"
              },
              {
                "name": "ADV-2007-2075",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2075"
              },
              {
                "name": "2805",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2805"
              },
              {
                "name": "25539",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25539"
              },
              {
                "name": "36106",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36106"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "symantec-ghost-udp-dos(34745)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
            },
            {
              "name": "24323",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24323"
            },
            {
              "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
            },
            {
              "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
            },
            {
              "name": "1018200",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018200"
            },
            {
              "name": "ADV-2007-2075",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2075"
            },
            {
              "name": "2805",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2805"
            },
            {
              "name": "25539",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25539"
            },
            {
              "name": "36106",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36106"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3132",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "symantec-ghost-udp-dos(34745)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
                },
                {
                  "name": "24323",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24323"
                },
                {
                  "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
                },
                {
                  "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
                },
                {
                  "name": "1018200",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018200"
                },
                {
                  "name": "ADV-2007-2075",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2075"
                },
                {
                  "name": "2805",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2805"
                },
                {
                  "name": "25539",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25539"
                },
                {
                  "name": "36106",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36106"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3132",
        "datePublished": "2007-06-08T16:00:00.000Z",
        "dateReserved": "2007-06-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:28.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2361 (GCVE-0-2007-2361)

    Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1017971 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1552 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://secunia.com/advisories/25013 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.589Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017971",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017971"
              },
              {
                "name": "ADV-2007-1552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1552"
              },
              {
                "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
              },
              {
                "name": "symantec-backup-information-disclosure(33929)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
              },
              {
                "name": "25013",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25013"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017971",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017971"
            },
            {
              "name": "ADV-2007-1552",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1552"
            },
            {
              "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
            },
            {
              "name": "symantec-backup-information-disclosure(33929)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
            },
            {
              "name": "25013",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25013"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2361",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017971",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017971"
                },
                {
                  "name": "ADV-2007-1552",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1552"
                },
                {
                  "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
                },
                {
                  "name": "symantec-backup-information-disclosure(33929)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
                },
                {
                  "name": "25013",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25013"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2361",
        "datePublished": "2007-04-30T22:00:00.000Z",
        "dateReserved": "2007-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.589Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2359 (GCVE-0-2007-2359)

    Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1017971 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1552 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://secunia.com/advisories/25013 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017971",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017971"
              },
              {
                "name": "ADV-2007-1552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1552"
              },
              {
                "name": "symantec-backup-unspecified-bo(33931)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
              },
              {
                "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
              },
              {
                "name": "25013",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25013"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017971",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017971"
            },
            {
              "name": "ADV-2007-1552",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1552"
            },
            {
              "name": "symantec-backup-unspecified-bo(33931)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
            },
            {
              "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
            },
            {
              "name": "25013",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25013"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017971",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017971"
                },
                {
                  "name": "ADV-2007-1552",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1552"
                },
                {
                  "name": "symantec-backup-unspecified-bo(33931)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
                },
                {
                  "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
                },
                {
                  "name": "25013",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25013"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2359",
        "datePublished": "2007-04-30T22:00:00.000Z",
        "dateReserved": "2007-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2360 (GCVE-0-2007-2360)

    Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1017971 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1552 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://secunia.com/advisories/25013 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.557Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017971",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017971"
              },
              {
                "name": "ADV-2007-1552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1552"
              },
              {
                "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
              },
              {
                "name": "25013",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25013"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-05-04T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017971",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017971"
            },
            {
              "name": "ADV-2007-1552",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1552"
            },
            {
              "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
            },
            {
              "name": "25013",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25013"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2360",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017971",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017971"
                },
                {
                  "name": "ADV-2007-1552",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1552"
                },
                {
                  "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
                },
                {
                  "name": "25013",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25013"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2360",
        "datePublished": "2007-04-30T22:00:00.000Z",
        "dateReserved": "2007-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1285 (GCVE-0-2006-1285)

    Vulnerability from nvd – Published: 2006-03-19 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015733 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19171 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/17019 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/0870 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.893Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015733",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015733"
              },
              {
                "name": "19171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19171"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
              },
              {
                "name": "17019",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17019"
              },
              {
                "name": "ADV-2006-0870",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0870"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-03-25T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015733",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015733"
            },
            {
              "name": "19171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19171"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
            },
            {
              "name": "17019",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17019"
            },
            {
              "name": "ADV-2006-0870",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0870"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1285",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015733",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015733"
                },
                {
                  "name": "19171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19171"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
                },
                {
                  "name": "17019",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17019"
                },
                {
                  "name": "ADV-2006-0870",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0870"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1285",
        "datePublished": "2006-03-19T23:00:00.000Z",
        "dateReserved": "2006-03-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.893Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1286 (GCVE-0-2006-1286)

    Vulnerability from nvd – Published: 2006-03-19 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securitytracker.com/id?1015733 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19171 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2006/0870 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.950Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ghost-dbisqlc-bo(25089)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"
              },
              {
                "name": "1015733",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015733"
              },
              {
                "name": "19171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19171"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
              },
              {
                "name": "ADV-2006-0870",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0870"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ghost-dbisqlc-bo(25089)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"
            },
            {
              "name": "1015733",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015733"
            },
            {
              "name": "19171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19171"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
            },
            {
              "name": "ADV-2006-0870",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0870"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1286",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ghost-dbisqlc-bo(25089)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"
                },
                {
                  "name": "1015733",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015733"
                },
                {
                  "name": "19171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19171"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
                },
                {
                  "name": "ADV-2006-0870",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0870"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1286",
        "datePublished": "2006-03-19T23:00:00.000Z",
        "dateReserved": "2006-03-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.950Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1284 (GCVE-0-2006-1284)

    Vulnerability from nvd – Published: 2006-03-19 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015733 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19171 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/17018 vdb-entryx_refsource_BID
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2006/0870 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015733",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015733"
              },
              {
                "name": "19171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19171"
              },
              {
                "name": "17018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17018"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
              },
              {
                "name": "ADV-2006-0870",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0870"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-03-25T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015733",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015733"
            },
            {
              "name": "19171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19171"
            },
            {
              "name": "17018",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17018"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
            },
            {
              "name": "ADV-2006-0870",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0870"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1284",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015733",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015733"
                },
                {
                  "name": "19171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19171"
                },
                {
                  "name": "17018",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17018"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
                },
                {
                  "name": "ADV-2006-0870",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0870"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1284",
        "datePublished": "2006-03-19T23:00:00.000Z",
        "dateReserved": "2006-03-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0345 (GCVE-0-2002-0345)

    Vulnerability from nvd – Published: 2002-05-03 04:00 – Updated: 2024-08-08 02:49
    VLAI
    Summary
    Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://online.securityfocus.com/archive/1/258293 mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=101529792821615&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.iss.net/security_center/static/8305.php vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/4181 vdb-entryx_refsource_BID
    Date Public
    2002-02-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:49:27.335Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020226 RE: Symantec LiveUpdate",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/258293"
              },
              {
                "name": "20020301 Re:  \"Peter Miller\" pcmiller61@yahoo.com, 02/26/2002 03:48 AM RE:  Symantec",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101529792821615\u0026w=2"
              },
              {
                "name": "ghost-plaintext-account(8305)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8305.php"
              },
              {
                "name": "4181",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4181"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-02-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\\params registry key, which could allow an attacker to gain privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020226 RE: Symantec LiveUpdate",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/258293"
            },
            {
              "name": "20020301 Re:  \"Peter Miller\" pcmiller61@yahoo.com, 02/26/2002 03:48 AM RE:  Symantec",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101529792821615\u0026w=2"
            },
            {
              "name": "ghost-plaintext-account(8305)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8305.php"
            },
            {
              "name": "4181",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4181"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0345",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\\params registry key, which could allow an attacker to gain privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020226 RE: Symantec LiveUpdate",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/258293"
                },
                {
                  "name": "20020301 Re:  \"Peter Miller\" pcmiller61@yahoo.com, 02/26/2002 03:48 AM RE:  Symantec",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101529792821615\u0026w=2"
                },
                {
                  "name": "ghost-plaintext-account(8305)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8305.php"
                },
                {
                  "name": "4181",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4181"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0345",
        "datePublished": "2002-05-03T04:00:00.000Z",
        "dateReserved": "2002-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:49:27.335Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0598 (GCVE-0-2001-0598)

    Vulnerability from nvd – Published: 2001-07-27 04:00 – Updated: 2024-08-08 04:30
    VLAI
    Summary
    Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/2570 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    Date Public
    2001-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:30:05.551Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2570",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2570"
              },
              {
                "name": "ghost-configuration-server-dos(6357)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6357"
              },
              {
                "name": "20010411 def-2001-21: Ghost Multiple DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (\u003e 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2570",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2570"
            },
            {
              "name": "ghost-configuration-server-dos(6357)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6357"
            },
            {
              "name": "20010411 def-2001-21: Ghost Multiple DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0598",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (\u003e 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2570",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2570"
                },
                {
                  "name": "ghost-configuration-server-dos(6357)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6357"
                },
                {
                  "name": "20010411 def-2001-21: Ghost Multiple DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0598",
        "datePublished": "2001-07-27T04:00:00.000Z",
        "dateReserved": "2001-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:30:05.551Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-3477 (GCVE-0-2011-3477)

    Vulnerability from cvelistv5 – Published: 2018-02-19 19:00 – Updated: 2024-08-06 23:37
    VLAI
    Summary
    GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-11-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:37:47.616Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "47822",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/47822"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-11-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-19T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "47822",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/47822"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-3477",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "47822",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/47822"
                },
                {
                  "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00",
                  "refsource": "CONFIRM",
                  "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20111109_00"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-3477",
        "datePublished": "2018-02-19T19:00:00.000Z",
        "dateReserved": "2011-09-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:37:47.616Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1517 (GCVE-0-2009-1517)

    Vulnerability from cvelistv5 – Published: 2009-05-04 18:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-04-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.655Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1022120",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1022120"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html"
              },
              {
                "name": "8523",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/8523"
              },
              {
                "name": "nortonghost-easysetupint-dos(50098)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50098"
              },
              {
                "name": "34696",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34696"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1022120",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1022120"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html"
            },
            {
              "name": "8523",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/8523"
            },
            {
              "name": "nortonghost-easysetupint-dos(50098)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50098"
            },
            {
              "name": "34696",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34696"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1517",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1022120",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1022120"
                },
                {
                  "name": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html",
                  "refsource": "MISC",
                  "url": "http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html"
                },
                {
                  "name": "8523",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/8523"
                },
                {
                  "name": "nortonghost-easysetupint-dos(50098)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50098"
                },
                {
                  "name": "34696",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34696"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1517",
        "datePublished": "2009-05-04T18:00:00.000Z",
        "dateReserved": "2009-05-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3666 (GCVE-0-2007-3666)

    Vulnerability from cvelistv5 – Published: 2007-07-10 19:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/43961 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24825 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/473187 mailing-listx_refsource_BUGTRAQ
    http://www.eleytt.com/advisories/eleytt_GHOST2.pdf x_refsource_MISC
    http://www.securityfocus.com/archive/1/473212 mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-05-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:51.283Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43961",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/43961"
              },
              {
                "name": "24825",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24825"
              },
              {
                "name": "20070707 [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473187"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf"
              },
              {
                "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473212"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "43961",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/43961"
            },
            {
              "name": "24825",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24825"
            },
            {
              "name": "20070707 [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473187"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf"
            },
            {
              "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473212"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3666",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43961",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/43961"
                },
                {
                  "name": "24825",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24825"
                },
                {
                  "name": "20070707 [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473187"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_GHOST2.pdf"
                },
                {
                  "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473212"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3666",
        "datePublished": "2007-07-10T19:00:00.000Z",
        "dateReserved": "2007-07-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:51.283Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3665 (GCVE-0-2007-3665)

    Vulnerability from cvelistv5 – Published: 2007-07-10 19:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/45802 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/473187 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/24826 vdb-entryx_refsource_BID
    http://www.eleytt.com/advisories/eleytt_GHOST1.pdf x_refsource_MISC
    http://www.securityfocus.com/archive/1/473212 mailing-listx_refsource_BUGTRAQ
    Date Public
    2007-05-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:51.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "45802",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/45802"
              },
              {
                "name": "20070707 [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473187"
              },
              {
                "name": "24826",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24826"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf"
              },
              {
                "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473212"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "45802",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/45802"
            },
            {
              "name": "20070707 [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473187"
            },
            {
              "name": "24826",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24826"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf"
            },
            {
              "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473212"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3665",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "45802",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/45802"
                },
                {
                  "name": "20070707 [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473187"
                },
                {
                  "name": "24826",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24826"
                },
                {
                  "name": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf",
                  "refsource": "MISC",
                  "url": "http://www.eleytt.com/advisories/eleytt_GHOST1.pdf"
                },
                {
                  "name": "20070709 Re: [Eleytt] 7LIPIEC2007",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473212"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3665",
        "datePublished": "2007-07-10T19:00:00.000Z",
        "dateReserved": "2007-07-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:51.033Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3132 (GCVE-0-2007-3132)

    Vulnerability from cvelistv5 – Published: 2007-06-08 16:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/24323 vdb-entryx_refsource_BID
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/archive/1/470644/100… mailing-listx_refsource_BUGTRAQ
    http://www.securitytracker.com/id?1018200 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/2075 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/2805 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/25539 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/36106 vdb-entryx_refsource_OSVDB
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    Date Public
    2007-06-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:28.158Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "symantec-ghost-udp-dos(34745)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
              },
              {
                "name": "24323",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24323"
              },
              {
                "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
              },
              {
                "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
              },
              {
                "name": "1018200",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018200"
              },
              {
                "name": "ADV-2007-2075",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2075"
              },
              {
                "name": "2805",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2805"
              },
              {
                "name": "25539",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25539"
              },
              {
                "name": "36106",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36106"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "symantec-ghost-udp-dos(34745)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
            },
            {
              "name": "24323",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24323"
            },
            {
              "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
            },
            {
              "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
            },
            {
              "name": "1018200",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018200"
            },
            {
              "name": "ADV-2007-2075",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2075"
            },
            {
              "name": "2805",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2805"
            },
            {
              "name": "25539",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25539"
            },
            {
              "name": "36106",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36106"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3132",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "symantec-ghost-udp-dos(34745)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
                },
                {
                  "name": "24323",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24323"
                },
                {
                  "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
                },
                {
                  "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
                },
                {
                  "name": "1018200",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018200"
                },
                {
                  "name": "ADV-2007-2075",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2075"
                },
                {
                  "name": "2805",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2805"
                },
                {
                  "name": "25539",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25539"
                },
                {
                  "name": "36106",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36106"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3132",
        "datePublished": "2007-06-08T16:00:00.000Z",
        "dateReserved": "2007-06-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:28.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2361 (GCVE-0-2007-2361)

    Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1017971 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1552 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://secunia.com/advisories/25013 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.589Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017971",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017971"
              },
              {
                "name": "ADV-2007-1552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1552"
              },
              {
                "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
              },
              {
                "name": "symantec-backup-information-disclosure(33929)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
              },
              {
                "name": "25013",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25013"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017971",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017971"
            },
            {
              "name": "ADV-2007-1552",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1552"
            },
            {
              "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
            },
            {
              "name": "symantec-backup-information-disclosure(33929)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
            },
            {
              "name": "25013",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25013"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2361",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017971",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017971"
                },
                {
                  "name": "ADV-2007-1552",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1552"
                },
                {
                  "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
                },
                {
                  "name": "symantec-backup-information-disclosure(33929)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
                },
                {
                  "name": "25013",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25013"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2361",
        "datePublished": "2007-04-30T22:00:00.000Z",
        "dateReserved": "2007-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.589Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2359 (GCVE-0-2007-2359)

    Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1017971 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1552 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://secunia.com/advisories/25013 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017971",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017971"
              },
              {
                "name": "ADV-2007-1552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1552"
              },
              {
                "name": "symantec-backup-unspecified-bo(33931)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
              },
              {
                "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
              },
              {
                "name": "25013",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25013"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017971",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017971"
            },
            {
              "name": "ADV-2007-1552",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1552"
            },
            {
              "name": "symantec-backup-unspecified-bo(33931)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
            },
            {
              "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
            },
            {
              "name": "25013",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25013"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2359",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017971",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017971"
                },
                {
                  "name": "ADV-2007-1552",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1552"
                },
                {
                  "name": "symantec-backup-unspecified-bo(33931)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
                },
                {
                  "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
                },
                {
                  "name": "25013",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25013"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2359",
        "datePublished": "2007-04-30T22:00:00.000Z",
        "dateReserved": "2007-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2360 (GCVE-0-2007-2360)

    Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id?1017971 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2007/1552 vdb-entryx_refsource_VUPEN
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://secunia.com/advisories/25013 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.557Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1017971",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1017971"
              },
              {
                "name": "ADV-2007-1552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1552"
              },
              {
                "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
              },
              {
                "name": "25013",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25013"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-05-04T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1017971",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1017971"
            },
            {
              "name": "ADV-2007-1552",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1552"
            },
            {
              "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
            },
            {
              "name": "25013",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25013"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2360",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1017971",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1017971"
                },
                {
                  "name": "ADV-2007-1552",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1552"
                },
                {
                  "name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
                },
                {
                  "name": "25013",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25013"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2360",
        "datePublished": "2007-04-30T22:00:00.000Z",
        "dateReserved": "2007-04-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1285 (GCVE-0-2006-1285)

    Vulnerability from cvelistv5 – Published: 2006-03-19 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015733 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19171 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/17019 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/0870 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.893Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015733",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015733"
              },
              {
                "name": "19171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19171"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
              },
              {
                "name": "17019",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17019"
              },
              {
                "name": "ADV-2006-0870",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0870"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-03-25T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015733",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015733"
            },
            {
              "name": "19171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19171"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
            },
            {
              "name": "17019",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17019"
            },
            {
              "name": "ADV-2006-0870",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0870"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1285",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015733",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015733"
                },
                {
                  "name": "19171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19171"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
                },
                {
                  "name": "17019",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17019"
                },
                {
                  "name": "ADV-2006-0870",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0870"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1285",
        "datePublished": "2006-03-19T23:00:00.000Z",
        "dateReserved": "2006-03-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.893Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1286 (GCVE-0-2006-1286)

    Vulnerability from cvelistv5 – Published: 2006-03-19 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securitytracker.com/id?1015733 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19171 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2006/0870 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.950Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ghost-dbisqlc-bo(25089)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"
              },
              {
                "name": "1015733",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015733"
              },
              {
                "name": "19171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19171"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
              },
              {
                "name": "ADV-2006-0870",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0870"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ghost-dbisqlc-bo(25089)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"
            },
            {
              "name": "1015733",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015733"
            },
            {
              "name": "19171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19171"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
            },
            {
              "name": "ADV-2006-0870",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0870"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1286",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ghost-dbisqlc-bo(25089)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"
                },
                {
                  "name": "1015733",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015733"
                },
                {
                  "name": "19171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19171"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
                },
                {
                  "name": "ADV-2006-0870",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0870"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1286",
        "datePublished": "2006-03-19T23:00:00.000Z",
        "dateReserved": "2006-03-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.950Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1284 (GCVE-0-2006-1284)

    Vulnerability from cvelistv5 – Published: 2006-03-19 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015733 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/19171 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/17018 vdb-entryx_refsource_BID
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2006/0870 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015733",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015733"
              },
              {
                "name": "19171",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19171"
              },
              {
                "name": "17018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17018"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
              },
              {
                "name": "ADV-2006-0870",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0870"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-03-25T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015733",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015733"
            },
            {
              "name": "19171",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19171"
            },
            {
              "name": "17018",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17018"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
            },
            {
              "name": "ADV-2006-0870",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0870"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1284",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015733",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015733"
                },
                {
                  "name": "19171",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19171"
                },
                {
                  "name": "17018",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17018"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"
                },
                {
                  "name": "ADV-2006-0870",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0870"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1284",
        "datePublished": "2006-03-19T23:00:00.000Z",
        "dateReserved": "2006-03-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0345 (GCVE-0-2002-0345)

    Vulnerability from cvelistv5 – Published: 2002-05-03 04:00 – Updated: 2024-08-08 02:49
    VLAI
    Summary
    Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://online.securityfocus.com/archive/1/258293 mailing-listx_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=101529792821615&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.iss.net/security_center/static/8305.php vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/4181 vdb-entryx_refsource_BID
    Date Public
    2002-02-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:49:27.335Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020226 RE: Symantec LiveUpdate",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/258293"
              },
              {
                "name": "20020301 Re:  \"Peter Miller\" pcmiller61@yahoo.com, 02/26/2002 03:48 AM RE:  Symantec",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101529792821615\u0026w=2"
              },
              {
                "name": "ghost-plaintext-account(8305)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8305.php"
              },
              {
                "name": "4181",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4181"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-02-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\\params registry key, which could allow an attacker to gain privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020226 RE: Symantec LiveUpdate",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/258293"
            },
            {
              "name": "20020301 Re:  \"Peter Miller\" pcmiller61@yahoo.com, 02/26/2002 03:48 AM RE:  Symantec",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101529792821615\u0026w=2"
            },
            {
              "name": "ghost-plaintext-account(8305)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8305.php"
            },
            {
              "name": "4181",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4181"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0345",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\\params registry key, which could allow an attacker to gain privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020226 RE: Symantec LiveUpdate",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/258293"
                },
                {
                  "name": "20020301 Re:  \"Peter Miller\" pcmiller61@yahoo.com, 02/26/2002 03:48 AM RE:  Symantec",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101529792821615\u0026w=2"
                },
                {
                  "name": "ghost-plaintext-account(8305)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8305.php"
                },
                {
                  "name": "4181",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4181"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0345",
        "datePublished": "2002-05-03T04:00:00.000Z",
        "dateReserved": "2002-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:49:27.335Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0598 (GCVE-0-2001-0598)

    Vulnerability from cvelistv5 – Published: 2001-07-27 04:00 – Updated: 2024-08-08 04:30
    VLAI
    Summary
    Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/2570 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    Date Public
    2001-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:30:05.551Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2570",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2570"
              },
              {
                "name": "ghost-configuration-server-dos(6357)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6357"
              },
              {
                "name": "20010411 def-2001-21: Ghost Multiple DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (\u003e 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-18T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2570",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2570"
            },
            {
              "name": "ghost-configuration-server-dos(6357)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6357"
            },
            {
              "name": "20010411 def-2001-21: Ghost Multiple DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0598",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (\u003e 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2570",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2570"
                },
                {
                  "name": "ghost-configuration-server-dos(6357)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6357"
                },
                {
                  "name": "20010411 def-2001-21: Ghost Multiple DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0175.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0598",
        "datePublished": "2001-07-27T04:00:00.000Z",
        "dateReserved": "2001-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:30:05.551Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }