Signature Detail
Short Name |
APP:VERITAS-ADMIN-BO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Symantec VERITAS Storage Foundation Administrator Service Buffer Overflow |
Release Date |
2010/09/28 |
Update Number |
1780 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Symantec VERITAS Storage Foundation Administrator Service Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Symantec VERITAS Storage Foundation. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Symantec Storage Foundation is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. This issue occurs in the Symantec Veritas Enterprise Administrator (VEA) component. An attacker can exploit this issue to execute arbitrary code in the context of the SYSTEM user. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
- Symantec Storage Foundation for Unix 5.0
- Symantec Storage Foundation for Windows (32-bit) 5.0
- Symantec Storage Foundation for Windows (64-bit) 5.0
References
- BugTraq: 25778
- CVE: CVE-2008-0638