cvelistv5 - cve-2007-2279

CVE-2007-2279 (GCVE-0-2007-2279)

Vulnerability from cvelistv5

Published

2007-06-04 16:00

Modified

2024-08-07 13:33

Severity ?

CWE

Summary

The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.

References

URL

Tags

	http://www.symantec.com/avcenter/security/Content/2007.06.01.html	x_refsource_CONFIRM
	http://secunia.com/advisories/25537	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/470562/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securitytracker.com/id?1018188	vdb-entry, x_refsource_SECTRACK
	http://seer.entsupport.symantec.com/docs/288627.htm	x_refsource_CONFIRM
	http://osvdb.org/36104	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/24194	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2007/2035	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/34680	vdb-entry, x_refsource_XF

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:33:28.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2007.06.01.html"
          },
          {
            "name": "25537",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25537"
          },
          {
            "name": "20070605 TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/470562/100/0/threaded"
          },
          {
            "name": "1018188",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018188"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://seer.entsupport.symantec.com/docs/288627.htm"
          },
          {
            "name": "36104",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36104"
          },
          {
            "name": "24194",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24194"
          },
          {
            "name": "ADV-2007-2035",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2035"
          },
          {
            "name": "symantec-scheduler-security-bypass(34680)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34680"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\\VxSvc\\CurrentVersion\\Schedules specifying future command execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2007.06.01.html"
        },
        {
          "name": "25537",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25537"
        },
        {
          "name": "20070605 TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/470562/100/0/threaded"
        },
        {
          "name": "1018188",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018188"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://seer.entsupport.symantec.com/docs/288627.htm"
        },
        {
          "name": "36104",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36104"
        },
        {
          "name": "24194",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24194"
        },
        {
          "name": "ADV-2007-2035",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2035"
        },
        {
          "name": "symantec-scheduler-security-bypass(34680)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34680"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2279",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\\VxSvc\\CurrentVersion\\Schedules specifying future command execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2007.06.01.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2007.06.01.html"
            },
            {
              "name": "25537",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25537"
            },
            {
              "name": "20070605 TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/470562/100/0/threaded"
            },
            {
              "name": "1018188",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018188"
            },
            {
              "name": "http://seer.entsupport.symantec.com/docs/288627.htm",
              "refsource": "CONFIRM",
              "url": "http://seer.entsupport.symantec.com/docs/288627.htm"
            },
            {
              "name": "36104",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36104"
            },
            {
              "name": "24194",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24194"
            },
            {
              "name": "ADV-2007-2035",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2035"
            },
            {
              "name": "symantec-scheduler-security-bypass(34680)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34680"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2279",
    "datePublished": "2007-06-04T16:00:00.000Z",
    "dateReserved": "2007-04-26T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:33:28.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-248

Vulnerability from certfr_avis

Deux vulnérabilités découvertes dans les produits Symantec permettent à un utilisateur distant malintentionné de provoquer un déni de service, de contourner la politiquer de sécurité ou d'exécuter du code arbitraire.

Description

Une vulnérabilité dans le service Scheduler Service (VxSchedService.exe) peut être exploitée par un utilisateur malveillant pour contourner la politique de sécurité. Un individu peut exploiter cette vulnérabilité afin d'exécuter du code arbitraire à distance.

Une seconde vulnérabilité dans le service Veritas Volume Replicator permet à une personne malintentionnée de provoquer l'arrêt brutal du service à distance ou, dans certaines circonstances, de consommer toutes les ressources du système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec Veritas Storage Foundation for Database 4.x ;
Symantec	N/A	Symantec Veritas Storage Foundation 5.x ;
Symantec	N/A	Symantec Veritas Storage Foundation Cluster File System 4.x ;
Symantec	N/A	Symantec Veritas Storage Foundation for Oracle Real Application Clusters 4.x ;
Symantec	N/A	Symantec Veritas Storage Foundation 4.x ;
Symantec	N/A	Symantec Veritas Volume Manager 3.x.

References

Title

Publication Time

Tags

Bulletins de sécurité Symantec SYM07-009 du 01 juin 2007	None	vendor-advisory
Bulletins de sécurité Symantec SYM07-010 du 01 juin 2007	None	vendor-advisory
Bulletin de sécurité Symantec SYM07-010 du 01 juin 2007 :	-	other
Bulletin de sécurité Symantec SYM07-009 du 01 juin 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec Veritas Storage Foundation for Database 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Veritas Storage Foundation 5.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Veritas Storage Foundation Cluster File System 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Veritas Storage Foundation for Oracle Real Application Clusters 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Veritas Storage Foundation 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Veritas Volume Manager 3.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans le service Scheduler Service (VxSchedService.exe)\npeut \u00eatre exploit\u00e9e par un utilisateur malveillant pour contourner la\npolitique de s\u00e9curit\u00e9. Un individu peut exploiter cette vuln\u00e9rabilit\u00e9\nafin d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nUne seconde vuln\u00e9rabilit\u00e9 dans le service Veritas Volume Replicator\npermet \u00e0 une personne malintentionn\u00e9e de provoquer l\u0027arr\u00eat brutal du\nservice \u00e0 distance ou, dans certaines circonstances, de consommer toutes\nles ressources du syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-2279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2279"
    },
    {
      "name": "CVE-2007-1593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1593"
    }
  ],
  "initial_release_date": "2007-06-04T00:00:00",
  "last_revision_date": "2007-06-04T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM07-010 du 01 juin 2007 :",
      "url": "http://www.symantec.com/avcenter/security/Content/2007.06.01a.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM07-009 du 01 juin 2007 :",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.01.html"
    }
  ],
  "reference": "CERTA-2007-AVI-248",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-06-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits Symantec permettent \u00e0\nun utilisateur distant malintentionn\u00e9 de provoquer un d\u00e9ni de service,\nde contourner la politiquer de s\u00e9curit\u00e9 ou d\u0027ex\u00e9cuter du code\narbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Symantec Veritas Storage",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Symantec SYM07-009 du 01 juin 2007",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Symantec SYM07-010 du 01 juin 2007",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-2279 (GCVE-0-2007-2279)

Vulnerability from cvelistv5

CERTA-2007-AVI-248

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature