Lucene search

[email protected]CVE-2006-1285

HistoryMar 19, 2006 - 11:02 p.m.

CVE-2006-1285

2006-03-1923:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1285

sqlanywhere

symantec ghost

sgss

database security

local user access

6.5 Medium

AI Score

Confidence

Low

3.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

8.8%

JSON

SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.

CPENameOperatorVersion
symantec:ghost_solutions_suitesymantec ghost solutions suiteeq1.0
symantec:norton_ghostsymantec norton ghosteq8.0
symantec:norton_ghostsymantec norton ghosteq8.2

CPE	Name	Operator	Version
symantec:ghost_solutions_suite	symantec ghost solutions suite	eq	1.0
symantec:norton_ghost	symantec norton ghost	eq	8.0
symantec:norton_ghost	symantec norton ghost	eq	8.2

References

secunia.com/advisories/19171

securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html

securitytracker.com/id?1015733

www.securityfocus.com/bid/17019

www.vupen.com/english/advisories/2006/0870

6.5 Medium

AI Score

Confidence

Low

3.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

8.8%

JSON

Related for CVE-2006-1285

prion1 symantec1