Vulnerabilities > Symantec > Norton Ghost > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-02-19 CVE-2011-3477 Improper Input Validation vulnerability in Symantec products
GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.
local
low complexity
symantec CWE-20
4.9
2007-07-10 CVE-2007-3665 Denial of Service vulnerability in Symantec Norton Ghost 12.0
Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions.
network
low complexity
symantec
5.0
2007-06-08 CVE-2007-3132 Denial of Service vulnerability in Symantec Ghost Solutions Suite and Norton Ghost
Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp.
network
low complexity
symantec
5.0
2007-04-30 CVE-2007-2361 Local Security vulnerability in BackupExec System Recovery
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
local
low complexity
symantec
4.9
2007-04-30 CVE-2007-2360 Local Security vulnerability in BackupExec System Recovery
Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
local
low complexity
symantec
6.8
2006-03-19 CVE-2006-1284 Local Administrative Authentication Credentials Disclosure vulnerability in Symantec Ghost Solutions Suite and Norton Ghost
The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.
local
low complexity
symantec
4.6
2001-08-02 CVE-2001-0598 Unspecified vulnerability in Symantec Norton Ghost
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
network
low complexity
symantec
5.0