• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

RETIRED: Symantec Norton Ghost RemoteCommand.DLL Buffer Overflow Vulnerability

Symantec Norton Ghost is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects Symantec Ghost 12.0; other versions may also be affected.

NOTE: This issue is being retired. Further investigation reveals that exploiting this bug requires authenticated access and that any code execution or denial of service would be in the context of the authenticated user (i.e. there is no gain for the attacker and any service disruption would affect only the attacker).