4 matches found
Authentication flaw
The management console in the Volume Manager Scheduler Service aka VxSchedService.exe in Symantec Veritas Storage Foundation for Windows SFW 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that...
CVE-2008-3703
The CVE-2008-3703 issue affects Symantec Veritas Storage Foundation for Windows (SFW) where the Volume Manager Scheduler Service (VxSchedService.exe) allows NULL NTLMSSP authentication, enabling remote attackers to manipulate snapshot schedules through the service socket and potentially execute a...
CVE-2007-2279
The Scheduler Service VxSchedService.exe in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create 1 PreScript or 2 PostScript registry values under...
Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) Remote Code Execution
The remote host is running a version of Symantec Storage Foundation for Windows that is vulnerable to a remote scheduler service access. An attacker may exploit this flaw to modify or create scheduled commands and gain a full access to the system. To exploit this flaw, an attacker would need to...