Vulnerability Details : CVE-2008-3703
The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation for Windows (SFW) 5.0, 5.0 RP1a, and 5.1 accepts NULL NTLMSSP authentication, which allows remote attackers to execute arbitrary code via requests to the service socket that create "snapshots schedules" registry values specifying future command execution. NOTE: this issue exists because of an incomplete fix for CVE-2007-2279.
Vulnerability category: Execute codeBypassGain privilege
Products affected by CVE-2008-3703
- cpe:2.3:a:symantec:veritas_storage_foundation:5.0:*:windows:*:*:*:*:*
- cpe:2.3:a:symantec:veritas_storage_foundation:5.0:rp1a:windows:*:*:*:*:*
- cpe:2.3:a:symantec:veritas_storage_foundation:5.1:*:windows:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-3703
91.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-3703
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2008-3703
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-3703
-
http://seer.entsupport.symantec.com/docs/306386.htm
Patch
-
http://www.zerodayinitiative.com/advisories/ZDI-08-053/
-
http://securitytracker.com/id?1020699
-
http://www.securityfocus.com/archive/1/495481
-
http://www.securityfocus.com/bid/30596
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44466
-
http://securityreason.com/securityalert/4161
-
http://www.securityfocus.com/archive/1/495487/100/0/threaded
-
http://www.vupen.com/english/advisories/2008/2395
-
http://www.symantec.com/avcenter/security/Content/2008.08.14a.html
Jump to