CVE-2008-0640

Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
symantecghost_solutions_suite
1.1
symantecghost_solutions_suite
2.0.0
symantecghost_solutions_suite
2.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/28853
http://www.securityfocus.com/bid/27644
http://www.securitytracker.com/id?1019356
http://www.symantec.com/avcenter/security/Content/2008.02.07.html
http://www.vupen.com/english/advisories/2008/0474
http://secunia.com/advisories/28853
http://www.securityfocus.com/bid/27644
http://www.securitytracker.com/id?1019356
http://www.symantec.com/avcenter/security/Content/2008.02.07.html
http://www.vupen.com/english/advisories/2008/0474