Back to search
CVE-2008-3703
Published: Aug 18, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create "snapshots schedules" registry values specifying future command execution. NOTE: this issue exists because of an incomplete fix for CVE-2007-2279.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
31486
third-party-advisory
x_refsource_SECUNIA
20080814 SYM08-015_SFW_SecurityUpdateBypass
mailing-list
x_refsource_BUGTRAQ
http://www.zerodayinitiative.com/advisories/ZDI-08-053/
x_refsource_MISC
http://www.symantec.com/avcenter/security/Content/2008.08.14a.html
x_refsource_CONFIRM
30596
vdb-entry
x_refsource_BID
ADV-2008-2395
vdb-entry
x_refsource_VUPEN
http://seer.entsupport.symantec.com/docs/306386.htm
x_refsource_CONFIRM
vsf-vxschedservice-code-execution(44466)
vdb-entry
x_refsource_XF
4161
third-party-advisory
x_refsource_SREASON
20080814 ZDI-08-053: Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability
mailing-list
x_refsource_BUGTRAQ
1020699
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now