Unrated severityNVD Advisory· Published Feb 8, 2008· Updated Apr 23, 2026

CVE-2008-0640

Description

Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing.

Affected products

Symantec/Ghost Solutions Suite3 versions
cpe:2.3:a:symantec:ghost_solutions_suite:1.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:symantec:ghost_solutions_suite:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:ghost_solutions_suite:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:ghost_solutions_suite:2.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.symantec.com/avcenter/security/Content/2008.02.07.htmlnvdPatch
secunia.com/advisories/28853nvdVendor Advisory
www.vupen.com/english/advisories/2008/0474nvdVendor Advisory
www.securityfocus.com/bid/27644nvd
www.securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000