9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
Added: 05/05/2009
CVE: CVE-2009-1430
BID: 34674
OSVDB: 54159
The Symantec Alert Management System 2 (AMS2) is used by multiple Symantec products. The Intel Alert Originator (IAO) service is a component of AMS2. The **msgsys.exe**
process is a preprocessor for the IAO service and listens on TCP port 38292.
A buffer overflow vulnerability in the **msgsys.exe**
process allows remote attackers to execute arbitrary commands by sending it a long, specially crafted request.
Apply one of the solutions shown in SYM09-007.
<http://www.zerodayinitiative.com/advisories/ZDI-09-018/>
Exploit works on Symantec Alert Management System Intel Alert Originator Service 6.12.0.130E.
Windows 2000
Windows Server 2003