Multiple vulnerabilities have been identified in Symantec Ghost, which could be exploited by local attackers to bypass security restrictions, disclose sensitive information, or obtain elevated privileges.
The first issue is due to a design error where a default administrator login/password pair is left during installation, which could be exploited by local attackers to modify or delete stored administrative tasks and run arbitrary code on a vulnerable system.
The second flaw is due to a memory mapping permission error in the Sybase SQLAnywhere database, which could be exploited by an unprivileged local user to access or alter information stored in the database.
The third vulnerability is due to a buffer overflow error in the login dialog of the "dbisqlc.exe" component (part of the SQLAnywhere package), which could be exploited by malicious users to gain access to information stored in the database.
Credits
Vulnerabilities reported by Ollie Whitehouse
ChangeLog
2006-03-07 : Initial release
Vulnerability Management
Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
French
