This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a buffer overflow vulnerability in Symantec Norton Ghost.
Symantec Norton Ghost is a backup utility available for Microsoft Windows.
Symantec Norton Ghost is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. This issue occurs in the 'RemoteCommand.DLL' library. Specifically, when an attacker passes an excessively long connect string, a buffer will overflow.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects Symantec Ghost 12.0; other versions may also be affected.
- Symantec Norton Ghost 12.0