2 results (0.011 seconds)

CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foundation HA through 6.1 on Windows, and InfoScale Operations Manager (aka VIOM) Windows Management Server 7.x through 7.4.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the \usr\local\ssl\openssl.cnf configuration file, which may not exist. On Windows systems, this path could translate to <drive>:\usr\local\ssl\openssl.cnf, where <drive> could be the default Windows installation drive such as C:\ or the drive where a Veritas product is installed. By default, on Windows systems, users can create directories under any top-level directory. • https://www.veritas.com/content/support/en_US/security/VTS20-014 •

CVSS: 4.3EPSS: 2%CPEs: 2EXPL: 0

The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets. Volume Manager Scheduler Service (también conocido como VxSchedService.exe) de Symantec Veritas Storage Foundation 5.0 para Windows permite a atacantes remotos provocar una denegación de servicio (cuelgue o caída del demonio) a través de paquetes malformados. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=665 http://secunia.com/advisories/29033 http://securitytracker.com/id?1019458 http://www.securityfocus.com/bid/27440 http://www.symantec.com/avcenter/security/Content/2008.02.20.html http://www.vupen.com/english/advisories/2008/0624 • CWE-20: Improper Input Validation •