4 matches found
CVE-2007-2514
CVE-2007-2514 is a stack-based buffer overflow in the CentennialXferWan service (XferWan.exe) used by Centennial Discovery 2006 Feature Pack, Symantec Discovery 6.5, and Numara Asset Manager 8.0. The overflow occurs when processing overly long strings in TCP requests, due to insufficient boundary...
CVE-2007-1173
CVE-2007-1173 describes a buffer overflow flaw in the CentennialIPTransferServer (XFERWAN.EXE) used by Centennial Discovery 2006 Feature Pack 1, Numara Asset Manager 8.0, and Symantec Discovery 6.5. The vulnerability arises from processing long strings in crafted TCP packets, enabling remote arbi...
CVE-2007-2950
CVE-2007-2950 involves Centennial Discovery 2006 Feature Pack 1 (used by Numara Asset Manager 8.0 and Symantec Discovery 6.5) where insecure default directory/file permissions enable local non-privileged users to gain privileges. The Symantec advisory notes the vulnerability arises from improper ...
CVE-2005-3316
The CVE-2005-3316 entry describes a vulnerability in ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 where the installation creates two database accounts (DiscoveryWeb and DiscoveryRO) with null passwords. This could let an attacker gain privileges or disrupt Discovery by changing a passwo...