CVE-2007-2360

Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520
http://secunia.com/advisories/25013
http://www.securitytracker.com/id?1017971
http://www.symantec.com/avcenter/security/Content/2007.04.26.html
http://www.vupen.com/english/advisories/2007/1552

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:symantec:backupexec_system_recovery:6.5:::::::*
	cpe:2.3:a:symantec:backupexec_system_recovery:6.52:::::::*
	cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:::::::*
	cpe:2.3:a:symantec:backupexec_system_recovery:6.53:::::::*
	cpe:2.3:a:symantec:livestate_recovery:6.0:::::::*
	cpe:2.3:a:symantec:livestate_recovery:6.01:::::::*
	cpe:2.3:a:symantec:livestate_recovery:6.02:::::::*
	cpe:2.3:a:symantec:norton_ghost:10.0::dell:::::
	cpe:2.3:a:symantec:norton_ghost:10.0::norton_system_works:::::
	cpe:2.3:a:symantec:norton_ghost:10.01:::::::*
	cpe:2.3:a:symantec:norton_save_and_recovery:1.01::sony_euro:::::
	cpe:2.3:a:symantec:norton_save_and_recovery:1.01b::norton_system_works_2007:::::
	cpe:2.3:a:symantec:norton_save_and_recovery:11.0:::::::*
	cpe:2.3:a:symantec:norton_save_and_recovery:11.01:::::::*
	cpe:2.3:a:symantec:norton_save_and_recovery:11.01b:::::::*

History

No history.

Information

Published : 2007-04-30 22:19

Updated : 2024-02-28 11:01

NVD link : CVE-2007-2360

Mitre link : CVE-2007-2360

CVE.ORG link : CVE-2007-2360

JSON object : View

Products Affected

symantec

norton_save_and_recovery
norton_ghost
livestate_recovery
backupexec_system_recovery

CWE

NVD-CWE-Other

{"id": "CVE-2007-2360", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-04-30T22:19:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25013", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017971", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1552", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key."}, {"lang": "es", "value": "Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, y BackupExec System Recovery anterior a 20070426, cuando est\u00e1n los backups remotos de las im\u00e1genes del punto de restauraci\u00f3n configurados, cifra las credenciales de la parte de la red con una llave formada por un hash del username, que permite que los usuarios locales obtengan las credenciales calculando la llave."}], "lastModified": "2011-03-08T02:54:04.797", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:backupexec_system_recovery:6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0598D0E-0BCA-4711-89DE-53C528D9015B"}, {"criteria": "cpe:2.3:a:symantec:backupexec_system_recovery:6.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BAB9A49-0311-4D33-8F58-F1228CABA8EC"}, {"criteria": "cpe:2.3:a:symantec:backupexec_system_recovery:6.52a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2942EF66-62D1-49F9-A38C-BFEEAD22F62E"}, {"criteria": "cpe:2.3:a:symantec:backupexec_system_recovery:6.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC7F5F20-B428-4754-9274-F16BC01E8957"}, {"criteria": "cpe:2.3:a:symantec:livestate_recovery:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F3C4CA-B6D1-4B7A-9C98-8CE0A71C86DF"}, {"criteria": "cpe:2.3:a:symantec:livestate_recovery:6.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E137FF2-AEC3-48CD-B744-76615B433554"}, {"criteria": "cpe:2.3:a:symantec:livestate_recovery:6.02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "880D2EE8-DB5C-478A-86F6-1960C1F68E52"}, {"criteria": "cpe:2.3:a:symantec:norton_ghost:10.0:*:dell:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48289358-FC5D-4CC9-B420-365B1FB842F5"}, {"criteria": "cpe:2.3:a:symantec:norton_ghost:10.0:*:norton_system_works:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A43FA5B-E637-41B3-BCD9-A3DF2A372DE9"}, {"criteria": "cpe:2.3:a:symantec:norton_ghost:10.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F6128F8-5BE1-4A5A-BCEF-D0C9F94E306E"}, {"criteria": "cpe:2.3:a:symantec:norton_save_and_recovery:1.01:*:sony_euro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A059387D-6A4E-4F23-B16F-9C04601A556D"}, {"criteria": "cpe:2.3:a:symantec:norton_save_and_recovery:1.01b:*:norton_system_works_2007:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4EE821D-CCA3-43C7-8044-31F9373AA8FB"}, {"criteria": "cpe:2.3:a:symantec:norton_save_and_recovery:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8881CCEE-CDC3-4634-AD25-C705FD8BDE9D"}, {"criteria": "cpe:2.3:a:symantec:norton_save_and_recovery:11.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4775B1-3712-429D-9227-824CFAB69FE0"}, {"criteria": "cpe:2.3:a:symantec:norton_save_and_recovery:11.01b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "082E74B5-1045-4BCF-93A2-AF0AFF4EAA00"}], "operator": "OR"}]}], "evaluatorImpact": "\"In order for this exploit to have an impact, administrators would either have to configure client machines to save restore points images to a private share, or the vulnerable machine would have to be shared by several users who each saved their restore points images to private shares.\"", "sourceIdentifier": "cve@mitre.org"}