CVE-2006-1285

SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite SGSS 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information...

CVE-2006-1286

The CVE covers a local buffer overflow in the login dialog (dbisqlc.exe) of SQL Anywhere used with Symantec Ghost 8.0/8.2 (SGSS 1.0). Root cause: improper handling in the login dialog could allow a local user to read sensitive data from the database. Impact per sources: potential unauthorized inf...

CVE-2006-1285

The CVE-2006-1285 issue affects Symantec Ghost 8.0/8.2 (as used in Symantec Ghost Solutions Suite 1.0). The root cause is a memory-mapping permission problem in the database shared memory, causing read/write access for all users and enabling potential local access to data. Affected component: SQL...

Symantec Ghost: Local access vulnerabilities in Database

SUMMARY Symantec engineers updated the db component to address three local access vulnerabilities discovered in the database installed with Symantec Ghost and the Central Management Console in Symantec Ghost Solutions Suite SGSS 1.0. Exploitation of any of these issues requires physical access to...