CVE-2006-0230

Symantec Scan Engine <5.1.0.7 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0230. PoCs published by Marc Bevand.

AI-analyzed exploit summary: This exploit changes the administrator password (or password hash) of Symantec Scan Engine by leveraging an authentication bypass vulnerability. It communicates with the target via HTTP and SSL to retrieve the current password hash and set a new one.

Description

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Marc Bevand · perl · remote · windows
https://www.exploit-db.com/exploits/1703


Classification: Working PoC 100%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Symantec Scan Engine
No auth needed
Prerequisites: Network access to the target's HTTP and SSL ports (default 8004 and 8005)
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17637
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19734
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431724/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431734/100/0/threaded
Exploit, Patch, Vendor Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0010.html
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/118388
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25972
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1464

Scores

EPSS 0.1611
EPSS Percentile 96.5%

Details

Status published
Products (1)
symantec/antivirus_scan_engine 5.0.0.24
Published Apr 25, 2006
Tracked Since Feb 18, 2026