Lucene search

SAINT CorporationSAINT:A6CCE32107476ACC2A2820DD172D6C36

HistoryMay 06, 2009 - 12:00 a.m.

Symantec Alert Management System Intel File Transfer service command execution

2009-05-0600:00:00

SAINT Corporation

download.saintcorporation.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.952 High

EPSS

Percentile

99.1%

JSON

Added: 05/06/2009
CVE: CVE-2009-1431
BID: 34675
OSVDB: 54160

Background

The Symantec Alert Management System 2 (AMS2) is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It listens on port 12174/TCP.

Problem

Due to a design flaw, the Intel File Transfer service can be used to execute arbitrary commands without authentication.

Resolution

Apply one of the solutions shown in SYM09-007.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786>

Limitations

Exploit works on Symantec Alert Management System Intel File Transfer Service 6.12.0.130E.

The exploit must be able to bind to port 69/UDP on the SAINTexploit host.

Platforms

Windows

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.952 High

EPSS

Percentile

99.1%

JSON

Related for SAINT:A6CCE32107476ACC2A2820DD172D6C36