CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-0640

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile6.71th
Published2008年2月8日
Last Modified2026年4月23日

Vulnerability Description

Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing.

Affected Platforms (CPE)

📦
Symantec

Ghost Solutions Suite

= 1.1
📦
Symantec

Ghost Solutions Suite

= 2.0.0
📦
Symantec

Ghost Solutions Suite

= 2.0.1

References & Advisories

🔗 http://secunia.com/advisories/28853
🔗 http://www.securityfocus.com/bid/27644
🔗 http://www.securitytracker.com/id?1019356
🔗 http://www.symantec.com/avcenter/security/Content/2008.02.07.html
🔗 http://www.vupen.com/english/advisories/2008/0474
🔗 http://secunia.com/advisories/28853
🔗 http://www.securityfocus.com/bid/27644
🔗 http://www.securitytracker.com/id?1019356

相關漏洞威脅

CVE-2016-65907.8

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior ...

CVE-2018-183647.3

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type...

CVE-2012-03066.8

Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (me...

CVE-2015-56896.8

ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment ...