Lucene search

[email protected]CVE-2006-1285

HistoryMar 19, 2006 - 11:02 p.m.

CVE-2006-1285

2006-03-1923:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1285

sqlanywhere

symantec ghost

sgss

database security

local user access

3.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.7%

JSON

SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.

Affected configurations

NVD

Node

symantecghost_solutions_suiteMatch1.0

symantecnorton_ghostMatch8.0

symantecnorton_ghostMatch8.2

CPENameOperatorVersion
symantec:ghost_solutions_suitesymantec ghost solutions suiteeq1.0
symantec:norton_ghostsymantec norton ghosteq8.0
symantec:norton_ghostsymantec norton ghosteq8.2

CPE	Name	Operator	Version
symantec:ghost_solutions_suite	symantec ghost solutions suite	eq	1.0
symantec:norton_ghost	symantec norton ghost	eq	8.0
symantec:norton_ghost	symantec norton ghost	eq	8.2

References

secunia.com/advisories/19171

securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html

securitytracker.com/id?1015733

www.securityfocus.com/bid/17019

www.vupen.com/english/advisories/2006/0870

3.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.7%

JSON

Related for CVE-2006-1285

prion1 cvelist1 nvd1 symantec1