Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:A43C0E141CCD19B97F31A8ED2BB97B74
HistoryDec 01, 2011 - 12:00 a.m.

Symantec Alert Management System AMSSendAlertAck Buffer Overflow

2011-12-0100:00:00
SAINT Corporation
my.saintcorporation.com
18

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.3%

JSON

Added: 12/01/2011
CVE: CVE-2010-0110
BID: 45936
OSVDB: 72623

Background

The Symantec Alert Management System 2 (AMS2) is used by multiple Symantec products. It includes an Intel Alert Handler service (**hndlrsvc.exe**). This service handles messages forwarded to it by the Alert Originator Manager (**msgsys.exe**), which listens on port 38292/TCP.

Problem

A stack buffer overflow vulnerability in the **AMSLIB.dll** module of the Intel Alert Handler service allows a remote attacker to execute arbitrary commands by sending a long, specially crafted string to the Alert Originator Manager.

Resolution

Apply the patch referenced in SYM11-002.

References

<http://www.zerodayinitiative.com/advisories/ZDI-11-028/&gt;

Limitations

Exploit works on Symantec System Center 10.1.8.8000 on Microsoft Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802.

Platforms

Windows Server 2003

Related

zdi 1
symantec 1
cvelist 2
saint 11
securityvulns 2
cve 1
prion 2
checkpoint_advisories 2
openvas 2
nessus 1
zdi
zdi
Symantec AMS Intel Alert Service AMSSendAlertAct Remote Code Execution Vulnerability
2011-01-27 00:00:00
symantec
symantec
Symantec Intel Alert Management System Multiple Code Execution Issues
2011-01-26 08:00:00
cvelist
cvelist
CVE-2010-0110
2011-01-31 20:00:00
CVE-2011-0688
2011-01-31 20:00:00
saint
saint
Symantec Alert Management System AMSSendAlertAck Buffer Overflow
2011-12-01 00:00:00
Symantec Alert Management System PIN number buffer overflow
2011-02-03 00:00:00
Symantec Alert Management System Intel Alert Handler modem string buffer overflow
2011-02-23 00:00:00
securityvulns
securityvulns
TELUS Security Labs VR - Symantec Alert Management System HNDLRSVC Arbitrary Command Execution
2011-01-31 00:00:00
Symantec Antivirus Corporate Edition Alert Management Service code execution
2011-01-31 00:00:00
cve
cve
CVE-2010-0110
2011-01-31 21:00:01
prion
prion
Stack overflow
2011-01-31 21:00:00
Information disclosure
2011-01-31 21:00:00
checkpoint_advisories
checkpoint_advisories
Symantec Alert Management System pagehndl.dll Stack Buffer Overflow (CVE-2010-0110)
2011-02-20 00:00:00
Symantec Alert Management System AMSSendAlertAck Stack Buffer Overflow (CVE-2010-0110)
2011-02-13 00:00:00
openvas
openvas
Symantec Intel Alert Management System Multiple Vulnerabilities
2011-02-07 00:00:00
Symantec Intel Alert Management System Multiple Vulnerabilities
2011-02-07 00:00:00
nessus
nessus
Symantec Alert Management System 2 Multiple Vulnerabilities (SYM11-002, SYM11-003)
2011-01-28 00:00:00

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.3%

JSON
Related for SAINT:A43C0E141CCD19B97F31A8ED2BB97B74
zdi1symantec1cvelist2saint11securityvulns2cve1prion2checkpoint_advisories2openvas2nessus1