Search criteria
6 vulnerabilities found for norton_save_and_recovery by symantec
CVE-2007-2359 (GCVE-0-2007-2359)
Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "symantec-backup-unspecified-bo(33931)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
},
{
"name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "symantec-backup-unspecified-bo(33931)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
},
{
"name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "symantec-backup-unspecified-bo(33931)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
},
{
"name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2359",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2361 (GCVE-0-2007-2361)
Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "symantec-backup-information-disclosure(33929)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "symantec-backup-information-disclosure(33929)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "symantec-backup-information-disclosure(33929)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2361",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2360 (GCVE-0-2007-2360)
Vulnerability from nvd – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-05-04T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2360",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2359 (GCVE-0-2007-2359)
Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "symantec-backup-unspecified-bo(33931)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
},
{
"name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "symantec-backup-unspecified-bo(33931)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
},
{
"name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "symantec-backup-unspecified-bo(33931)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931"
},
{
"name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2359",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2361 (GCVE-0-2007-2361)
Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "symantec-backup-information-disclosure(33929)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "symantec-backup-information-disclosure(33929)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "symantec-backup-information-disclosure(33929)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33929"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2361",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2360 (GCVE-0-2007-2360)
Vulnerability from cvelistv5 – Published: 2007-04-30 22:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-05-04T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Ghost, Norton Save \u0026 Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017971"
},
{
"name": "ADV-2007-1552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1552"
},
{
"name": "20070426 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html"
},
{
"name": "25013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2360",
"datePublished": "2007-04-30T22:00:00",
"dateReserved": "2007-04-30T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}