What is the severity of CVE-2007-2279?

CVE-2007-2279 has a high severity rating due to the potential for remote code execution.

How do I fix CVE-2007-2279?

To fix CVE-2007-2279, ensure that you update Symantec Storage Foundation for Windows to the latest version.

What does CVE-2007-2279 exploit?

CVE-2007-2279 exploits the Scheduler Service in Symantec Storage Foundation, allowing unauthorized code execution.

Which versions of Veritas Storage Foundation are affected by CVE-2007-2279?

Veritas Storage Foundation version 5.0 for Windows is affected by CVE-2007-2279.

Can CVE-2007-2279 be exploited remotely?

Yes, CVE-2007-2279 can be exploited remotely due to insufficient authentication in the Scheduler Service.

Vulnerability/
CVE-2007-2279

critical

9.3

CWE

264

4/6/2007

7/8/2024

CVE-2007-2279

First published: Mon Jun 04 2007(Updated: )

The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Veritas Storage Foundation and High Availability	=5.0

Remedy

http://www.symantec.com/avcenter/security/Content/2007.06.01.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-2279?
CVE-2007-2279 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2007-2279?
To fix CVE-2007-2279, ensure that you update Symantec Storage Foundation for Windows to the latest version.
What does CVE-2007-2279 exploit?
CVE-2007-2279 exploits the Scheduler Service in Symantec Storage Foundation, allowing unauthorized code execution.
Which versions of Veritas Storage Foundation are affected by CVE-2007-2279?
Veritas Storage Foundation version 5.0 for Windows is affected by CVE-2007-2279.
Can CVE-2007-2279 be exploited remotely?
Yes, CVE-2007-2279 can be exploited remotely due to insufficient authentication in the Scheduler Service.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/weakness
agent/references
agent/last-modified-date
agent/author
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/symantec
canonical/veritas storage foundation and high availability
version/veritas storage foundation and high availability/5.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.