Symantec AppStream / Workspace Streaming Remote Code Execution (SYM10-008)

Severity: High (Nessus Plugin ID 47046)

Synopsis

The remote host has a code execution vulnerability.

Description

The version of Symantec AppStream or Symantec Workspace Streaming running on the remote host has a remote code execution vulnerability. The client does not properly authenticate to the server before downloading available files.

A remote attacker could exploit this by setting up a rogue Workspace Streaming server, forcing clients to download arbitrary files without the need for user interaction. This could result in arbitrary code execution.

Solution

Upgrade to Symantec Workspace Streaming 6.1 SP4 (6.2.0.924) or later.

See Also

http://www.nessus.org/u?d8ec5aa0

Plugin Details

Severity: High

ID: 47046

File Name: symantec_sym10-008.nasl

Version: 1.11

Type: local

Agent: windows

Family: Windows

Published: 6/18/2010

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:symantec:workspace_streaming, cpe:/a:symantec:appstream

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 5/28/2010

Vulnerability Publication Date: 6/16/2010

Reference Information

CVE: CVE-2008-4389

BID: 40611

CERT: 221257

Secunia: 40233