Lucene search

PRIOn knowledge basePRION:CVE-2007-2279

HistoryJun 04, 2007 - 4:30 p.m.

Authentication flaw

2007-06-0416:30:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON

The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.

CPENameOperatorVersion
veritas_storage_foundationeq5.0 windows

CPE	Name	Operator	Version
	veritas_storage_foundation	eq	5.0 windows

References

osvdb.org/36104

secunia.com/advisories/25537

seer.entsupport.symantec.com/docs/288627.htm

www.securityfocus.com/archive/1/470562/100/0/threaded

www.securityfocus.com/bid/24194

www.securitytracker.com/id?1018188

www.symantec.com/avcenter/security/Content/2007.06.01.html

www.vupen.com/english/advisories/2007/2035

exchange.xforce.ibmcloud.com/vulnerabilities/34680

8.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON

Related for PRION:CVE-2007-2279