Ghost Solutions Suite
by Symantec
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6590 | 0.00 | — | 0.00 | Jan 8, 2020 | A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7,… | |||
| CVE-2018-18364 | 0.00 | — | 0.01 | Feb 8, 2019 | Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file… | |||
| CVE-2015-5689 | 0.00 | — | 0.03 | Sep 20, 2015 | ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to… | |||
| CVE-2012-0306 | 0.00 | — | 0.03 | Oct 18, 2012 | Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file. | |||
| CVE-2008-0640 | 0.00 | — | 0.03 | Feb 8, 2008 | Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing. | |||
| CVE-2007-3132 | 0.00 | — | 0.02 | Jun 8, 2007 | Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp. | |||
| CVE-2006-1286 | 0.00 | — | 0.00 | Mar 19, 2006 | Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database. | |||
| CVE-2006-1284 | 0.00 | — | 0.00 | Mar 19, 2006 | The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks. | |||
| CVE-2006-1285 | 0.00 | — | 0.00 | Mar 19, 2006 | SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information. |
- CVE-2016-6590Jan 8, 2020risk 0.00cvss —epss 0.00
A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7,…
- CVE-2018-18364Feb 8, 2019risk 0.00cvss —epss 0.01
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file…
- CVE-2015-5689Sep 20, 2015risk 0.00cvss —epss 0.03
ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to…
- CVE-2012-0306Oct 18, 2012risk 0.00cvss —epss 0.03
Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file.
- CVE-2008-0640Feb 8, 2008risk 0.00cvss —epss 0.03
Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing.
- CVE-2007-3132Jun 8, 2007risk 0.00cvss —epss 0.02
Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.
- CVE-2006-1286Mar 19, 2006risk 0.00cvss —epss 0.00
Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.
- CVE-2006-1284Mar 19, 2006risk 0.00cvss —epss 0.00
The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.
- CVE-2006-1285Mar 19, 2006risk 0.00cvss —epss 0.00
SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.