PT-2007-3693 · Symantec · Symantec Norton Ghost+3

Published

2007-04-30

Updated

2011-03-08

CVE-2007-2360

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec Norton Ghost versions prior to 20070426 Symantec Norton Save & Recovery versions prior to 20070426 Symantec LiveState Recovery versions prior to 20070426 Symantec BackupExec System Recovery versions prior to 20070426

Description The issue allows local users to obtain network share credentials by calculating a key formed by a hash of the username. This is possible when remote backups of restore point images are configured.

Recommendations For Symantec Norton Ghost versions prior to 20070426, update to a version released after 20070426 to resolve the issue. For Symantec Norton Save & Recovery versions prior to 20070426, update to a version released after 20070426 to resolve the issue. For Symantec LiveState Recovery versions prior to 20070426, update to a version released after 20070426 to resolve the issue. For Symantec BackupExec System Recovery versions prior to 20070426, update to a version released after 20070426 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2360

Affected Products

Symantec Backup Exec System Recovery

Symantec Livestate Recovery

Symantec Norton Ghost

Symantec Norton Save & Recovery

PT-2007-3693 · Symantec · Symantec Norton Ghost+3

CVE-2007-2360

Related Identifiers

Affected Products

References · 6