CVE-2006-1284

Description

The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.

Affected products

• Symantec / ghost_solutions_suite1.0 – 1.0
• Symantec / norton_ghost8.0 – 8.0
• Symantec / norton_ghost8.2 – 8.2

References

• MISChttp://securitytracker.com/id?1015733
• VENDOR_ADVISORYhttp://secunia.com/advisories/19171
• MISChttp://www.securityfocus.com/bid/17018
• MISChttp://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0870