Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:60032816A28F104262A7D0A47F566575
HistoryDec 01, 2011 - 12:00 a.m.

Symantec Alert Management System AMSSendAlertAck Buffer Overflow

2011-12-0100:00:00
SAINT Corporation
www.saintcorporation.com
14

0.954 High

EPSS

Percentile

99.2%

JSON

Added: 12/01/2011
CVE: CVE-2010-0110
BID: 45936
OSVDB: 72623

Background

The Symantec Alert Management System 2 (AMS2) is used by multiple Symantec products. It includes an Intel Alert Handler service (**hndlrsvc.exe**). This service handles messages forwarded to it by the Alert Originator Manager (**msgsys.exe**), which listens on port 38292/TCP.

Problem

A stack buffer overflow vulnerability in the **AMSLIB.dll** module of the Intel Alert Handler service allows a remote attacker to execute arbitrary commands by sending a long, specially crafted string to the Alert Originator Manager.

Resolution

Apply the patch referenced in SYM11-002.

References

<http://www.zerodayinitiative.com/advisories/ZDI-11-028/&gt;

Limitations

Exploit works on Symantec System Center 10.1.8.8000 on Microsoft Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802.

Platforms

Windows Server 2003

Related

saint 11
securityvulns 2
cve 2
symantec 1
zdi 1
cvelist 2
checkpoint_advisories 2
prion 2
openvas 2
nessus 1
saint
saint
Symantec Alert Management System PIN number buffer overflow
2011-02-03 00:00:00
Symantec Alert Management System Intel Alert Handler modem string buffer overflow
2011-02-23 00:00:00
Symantec Alert Management System AMSSendAlertAck Buffer Overflow
2011-12-01 00:00:00
securityvulns
securityvulns
TELUS Security Labs VR - Symantec Alert Management System HNDLRSVC Arbitrary Command Execution
2011-01-31 00:00:00
Symantec Antivirus Corporate Edition Alert Management Service code execution
2011-01-31 00:00:00
cve
cve
CVE-2010-0110
2011-01-31 21:00:00
CVE-2011-0688
2011-01-31 21:00:00
symantec
symantec
Symantec Intel Alert Management System Multiple Code Execution Issues
2011-01-26 08:00:00
zdi
zdi
Symantec AMS Intel Alert Service AMSSendAlertAct Remote Code Execution Vulnerability
2011-01-27 00:00:00
cvelist
cvelist
CVE-2010-0110
2011-01-31 20:00:00
CVE-2011-0688
2011-01-31 20:00:00
checkpoint_advisories
checkpoint_advisories
Symantec Alert Management System pagehndl.dll Stack Buffer Overflow (CVE-2010-0110)
2011-02-20 00:00:00
Symantec Alert Management System AMSSendAlertAck Stack Buffer Overflow (CVE-2010-0110)
2011-02-13 00:00:00
prion
prion
Stack overflow
2011-01-31 21:00:00
Information disclosure
2011-01-31 21:00:00
openvas
openvas
Symantec Intel Alert Management System Multiple Vulnerabilities
2011-02-07 00:00:00
Symantec Intel Alert Management System Multiple Vulnerabilities
2011-02-07 00:00:00
nessus
nessus
Symantec Alert Management System 2 Multiple Vulnerabilities (SYM11-002, SYM11-003)
2011-01-28 00:00:00

0.954 High

EPSS

Percentile

99.2%

JSON
Related for SAINT:60032816A28F104262A7D0A47F566575
saint11securityvulns2cve2symantec1zdi1cvelist2checkpoint_advisories2prion2openvas2nessus1