Details of VAR-200706-0270

ID

VAR-200706-0270

CVE

CVE-2007-3021

TITLE

Symantec Client Security and SAV CE Used in etc. Symantec Reporting Server Vulnerable to creating arbitrary executable files

Trust: 0.8

sources: JVNDB: JVNDB-2007-005636

DESCRIPTION

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export. Symantec System Center Reporting Server is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to execute malicious code on an affected server and gain the privileges of the user running the server. Successful attacks will compromise the application and possibly the underlying computer. SYM07-012 Symantec Reporting Server Elevation of Privilege June 5, 2007 Risk Impact Medium Remote Access: Yes Local Access: Yes Authentication Required: No Exploit available: No Overview Files created by a Reporting Server may be accessible to an unauthorized user. The error occurred due to the improper initialization of a variable, and updates have been released to correct the problem. Individual client systems are not affected. Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue. However, we recommend that customers update Reporting Server immediately to protect against possible attempts to exploit this issue. - Ensure that the SCS Console and Reporting Server interface are never visible external to the network. This greatly reduces opportunities for unauthorized remote access. - User accounts for Reporting Server should be unique, and different from the user\x92s network login account. - Delete exported data files which are no longer needed. Credit Symantec would like to thank Ertunga Arsal of Tech Data GmbH & Co. OHG for reporting this issue, and coordinating with us on the response. CVE This issue is a candidate for inclusion in the Common Vulnerabilities and Exposures (CVE) list (http://cve.mitre.org), which standardizes names for security problems. The CVE initiative has assigned CVE-2007-3021 to this issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Symantec Product Security Team ________________________________________ Symantec takes the security and proper functionality of its products very seriously. As founding members of the Organization for Internet Safety (OISafety), Symantec follows the principles of responsible disclosure. Symantec also subscribes to the vulnerability guidelines outlined by the National Infrastructure Advisory Council (NIAC). Please contact secure@symantec.com if you feel you have discovered a potential or actual security issue with a Symantec product. ________________________________________ Copyright (c) 2007 by Symantec Corp. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060) iQEVAwUBRmW5bf9Lqygkbb6BAQjVQQf7BjFMagCcjl+kkYiEEcphatUuDi1sDZ+h r2eRvO+8RbCzNoGWuBFiK9ExIhhQNRTDCkvceDcFFOBtKVv7wg/LGw935O8P7+PK lsdT+UEdCFqyUu+mteYARW4uQ9b17luDoxU2cEa6iZ9qS/6uzLEAkNQXo0Tm2PlT elYjlv5m13FSbAd+KfRh94XRguxrKZ/i8KxzsS8E0RvmADW+mjYbNv1rRT5C3AGr Kl7f3c07U4+DfISxDcAVjZwgK6lA42qLih8M2iC4P2bQJ1Ml3Uukxnt1EOLFBNo2 5UXMaAZ7lSK7l+ZIg1q57h5tsXOp9FQQaN7rSk2ObEvGoGheK3wiww== =CXAH -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2007-3021 // JVNDB: JVNDB-2007-005636 // BID: 24313 // VULHUB: VHN-26383 // PACKETSTORM: 57065

AFFECTED PRODUCTS

vendor:	symantec	model:	client security	scope:	eq	version:	3.1.401	Trust: 1.9
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.400	Trust: 1.9
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.396	Trust: 1.9
vendor:	symantec	model:	client security	scope:	eq	version:	3.1	Trust: 1.9
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2021	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.1.401	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.1	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.1.400	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.1.396	Trust: 1.6
vendor:	symantec	model:	client security	scope:	eq	version:	3.1.394	Trust: 1.3
vendor:	symantec	model:	reporting server	scope:	lte	version:	1.0.197.0	Trust: 1.0
vendor:	symantec	model:	reporting server	scope:	eq	version:	1.0.197.0	Trust: 0.9
vendor:	symantec	model:	client security	scope:	eq	version:	3.1 and later	Trust: 0.8
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	corporate edition (sav ce) 10.1 and later	Trust: 0.8
vendor:	symantec	model:	reporting server	scope:	lt	version:	1.0.197.0 and 1.0.224.0	Trust: 0.8
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.401	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.400	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.396	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1.394	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	eq	version:	10.1	Trust: 0.3
vendor:	symantec	model:	reporting server	scope:	ne	version:	1.0.224.0	Trust: 0.3
vendor:	symantec	model:	client security	scope:	ne	version:	3.1.6.6000	Trust: 0.3
vendor:	symantec	model:	antivirus corporate edition	scope:	ne	version:	10.1.6.6000	Trust: 0.3

sources: BID: 24313 // JVNDB: JVNDB-2007-005636 // CNNVD: CNNVD-200706-048 // NVD: CVE-2007-3021

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-3021
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-3021
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200706-048
value:	HIGH
Trust: 0.6
VULHUB:	VHN-26383
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-3021
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-26383
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-26383 // JVNDB: JVNDB-2007-005636 // CNNVD: CNNVD-200706-048 // NVD: CVE-2007-3021

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3021

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200706-048

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200706-048

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-005636

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-26383

PATCH

title:

SYM07-012

url:

http://www.symantec.com/avcenter/security/Content/2007.06.05a.html

Trust: 0.8

sources: JVNDB: JVNDB-2007-005636

EXTERNAL IDS

db:	NVD	id:	CVE-2007-3021	Trust: 2.9
db:	BID	id:	24313	Trust: 2.0
db:	SECTRACK	id:	1018196	Trust: 1.7
db:	SECUNIA	id:	25543	Trust: 1.7
db:	VUPEN	id:	ADV-2007-2074	Trust: 1.7
db:	OSVDB	id:	36109	Trust: 1.1
db:	JVNDB	id:	JVNDB-2007-005636	Trust: 0.8
db:	CNNVD	id:	CNNVD-200706-048	Trust: 0.7
db:	XF	id:	34744	Trust: 0.6
db:	PACKETSTORM	id:	57065	Trust: 0.2
db:	VULHUB	id:	VHN-26383	Trust: 0.1

sources: VULHUB: VHN-26383 // BID: 24313 // JVNDB: JVNDB-2007-005636 // PACKETSTORM: 57065 // CNNVD: CNNVD-200706-048 // NVD: CVE-2007-3021

REFERENCES

url:	http://www.symantec.com/avcenter/security/content/2007.06.05a.html	Trust: 2.0
url:	http://www.securityfocus.com/bid/24313	Trust: 1.7
url:	http://www.securitytracker.com/id?1018196	Trust: 1.7
url:	http://secunia.com/advisories/25543	Trust: 1.7
url:	http://osvdb.org/36109	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2007/2074	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/34744	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3021	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3021	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/34744	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2007/2074	Trust: 0.6
url:	https://fileconnect.symantec.com/licenselogin.jsp	Trust: 0.3
url:	http://www.symantec.com	Trust: 0.3
url:	/archive/1/470603	Trust: 0.3
url:	http://cve.mitre.org),	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2007-3021	Trust: 0.1

sources: VULHUB: VHN-26383 // BID: 24313 // JVNDB: JVNDB-2007-005636 // PACKETSTORM: 57065 // CNNVD: CNNVD-200706-048 // NVD: CVE-2007-3021

CREDITS

Ertunga Arsal

Trust: 0.7

sources: PACKETSTORM: 57065 // CNNVD: CNNVD-200706-048

SOURCES

db:	VULHUB	id:	VHN-26383
db:	BID	id:	24313
db:	JVNDB	id:	JVNDB-2007-005636
db:	PACKETSTORM	id:	57065
db:	CNNVD	id:	CNNVD-200706-048
db:	NVD	id:	CVE-2007-3021

LAST UPDATE DATE

2024-08-14T14:08:08.879000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-26383	date:	2017-07-29T00:00:00
db:	BID	id:	24313	date:	2008-03-13T01:51:00
db:	JVNDB	id:	JVNDB-2007-005636	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200706-048	date:	2007-06-11T00:00:00
db:	NVD	id:	CVE-2007-3021	date:	2017-07-29T01:31:55.267

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-26383	date:	2007-06-05T00:00:00
db:	BID	id:	24313	date:	2007-06-05T00:00:00
db:	JVNDB	id:	JVNDB-2007-005636	date:	2012-12-20T00:00:00
db:	PACKETSTORM	id:	57065	date:	2007-06-07T06:06:31
db:	CNNVD	id:	CNNVD-200706-048	date:	2007-06-05T00:00:00
db:	NVD	id:	CVE-2007-3021	date:	2007-06-05T21:30:00