iDefense Security Advisory 06.05.07 - Remote exploitation of multiple denial of service vulnerabilities in Symantec Corp.'s Ghost could allow remote attackers to crash the Ghost service. These vulnerabilities affect both the client and server daemons due to what looks like a shared communications library. The daemons listen on UDP ports 1346, and 1347 respectively. By sending a malformed UDP-based request to either service, an attacker can cause the service to crash due to an invalid memory reference. This condition can be caused by any of several unique requests. In each case, the particular cause for the access violation varies. iDefense confirmed the existence of these vulnerabilities using Symantec Ghost version 8.0.992 (as supplied with Ghost Solution Suite). Other versions may be vulnerable as well.
b66143fb85b4ecc4a638b1b0c2312cb75c9821753c09e18d841ae956fee69f82