Detections
Analytics

Symantec Ghost Solution Suite Backup File Handling Memory Corruption (SYM12-016)

medium Nessus Plugin ID 62716

Language:

Synopsis

The remote Windows host has an application installed that is affected by a memory corruption vulnerability.

Description

The Symantec Ghost Solution Suite install on the remote Windows host is earlier than build 11.5.1.2620. As such, it is potentially affected by a memory corruption vulnerability when parsing specially crafted '.gho' files. By exploiting this flaw, a remote attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.

Solution

If necessary, upgrade to Symantec Ghost Solution Suite version 2.5.1 and ensure that the install is build 11.5.1.2266 or above. Then apply patch GSS25x_b2620, which results in build 11.5.1.2620.

See Also

http://www.nessus.org/u?05a23e13

http://www.nessus.org/u?46e76df5

Plugin Details

Severity: Medium

ID: 62716

File Name: symantec_ghost_suite_sym12-016.nasl

Version: 1.5

Type: local

Agent: windows

Family: Windows

Published: 10/26/2012

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:symantec:ghost_solutions_suite

Required KB Items: SMB/Symantec Ghost Suite/Build, SMB/Symantec Ghost Suite/Path

Exploit Ease: No known exploits are available

Patch Publication Date: 10/10/2012

Vulnerability Publication Date: 10/10/2012

Reference Information

CVE: CVE-2012-0306

BID: 55748