CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2007-4347
https://notcve.org/view.php?id=CVE-2007-4347
Multiple integer overflows in the Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allow remote attackers to cause a denial of service (CPU and memory consumption) via a crafted packet to port 5633/tcp, which triggers an infinite loop. Múltiples desbordamientos de entero en el servicio Job Engine (bengine.exe) de Symantec Backup Exec para Windows Servers (BEWS) 11d build 11.0.7170 y 11.0.6.6235 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU y memoria) mediante un paquete artesanal al puerto 5633/tcp, lo cual provoca un bucle infinito. • http://secunia.com/advisories/26975 http://secunia.com/secunia_research/2007-74/advisory http://securityresponse.symantec.com/avcenter/security/Content/2007.11.27.html http://www.securityfocus.com/archive/1/484318/100/0/threaded http://www.securityfocus.com/archive/1/484333/100/0/threaded http://www.securityfocus.com/bid/26029 http://www.securitytracker.com/id?1019001 http://www.vupen.com/english/advisories/2007/4019 https://exchange.xforce.ibmcloud.com/vulnerabilities/38677 • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2007-2360
https://notcve.org/view.php?id=CVE-2007-2360
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key. Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery anterior a 20070426, cuando están los backups remotos de las imágenes del punto de restauración configurados, cifra las credenciales de la parte de la red con una llave formada por un hash del username, que permite que los usuarios locales obtengan las credenciales calculando la llave. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520 http://secunia.com/advisories/25013 http://www.securitytracker.com/id?1017971 http://www.symantec.com/avcenter/security/Content/2007.04.26.html http://www.vupen.com/english/advisories/2007/1552 •
CVSS: 4.9EPSS: 0%CPEs: 16EXPL: 0CVE-2007-2361
https://notcve.org/view.php?id=CVE-2007-2361
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file. Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery versiones anteriores a 20070426, cuando están configurados copias de respaldo remotas o imágenes de puntos de restauranción, utiliza permisos débiles (leibles por todos) para un fichero de configuración con credenciales de carpetas compartidas de red, lo cual permite a usuarios locales obtener las credenciales al leer el fichero. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520 http://secunia.com/advisories/25013 http://www.securitytracker.com/id?1017971 http://www.symantec.com/avcenter/security/Content/2007.04.26.html http://www.vupen.com/english/advisories/2007/1552 https://exchange.xforce.ibmcloud.com/vulnerabilities/33929 •
CVSS: 7.2EPSS: 0%CPEs: 16EXPL: 0CVE-2007-2359
https://notcve.org/view.php?id=CVE-2007-2359
Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string. Desbordamiento de búfer en Ghost Service Manager, tal y como se usa en Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery versiones anteriores a 20070426, permite a usuarios locales obtener privilegios mediante una cadena larga. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519 http://secunia.com/advisories/25013 http://www.securitytracker.com/id?1017971 http://www.symantec.com/avcenter/security/Content/2007.04.26.html http://www.vupen.com/english/advisories/2007/1552 https://exchange.xforce.ibmcloud.com/vulnerabilities/33931 •