• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Symantec Ghost Solution Suite ARP Spoofing Authentication Bypass Vulnerability

Symantec Ghost Solution Suite is prone to an authentication-bypass vulnerability.

Attackers can exploit this issue by sending a spoofed ARP packet to the affected client.

Successfully exploiting this issue will allow attackers to impersonate the Symantec Ghost Solution Suite server and execute arbitrary commands on the client with SYSTEM-level privileges, facilitating the complete compromise of affected computers.

This issue affects Symantec Ghost Solution Suite 1.1, 2.0.0, and 2.0.1.

NOTE: Users who do not use the Ghost Console or the Ghost Management Agent are not affected.