6 matches found
Symantec Alert Management System File Transfer Service Remote Code Execution (CVE-2009-1431)
Symantec System Center provides centralized systems and policy management for Norton Antivirus Enterprise Solution across multiple Windows NT and NetWare networks. The vulnerability is due to a design error in the Intel File Transfer service XFR.EXE, a service used to aid communication between th...
Symantec Alert Management System Intel File Transfer service command execution
Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...
Symantec Alert Management System Intel File Transfer service command execution
Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...
iDefense Security Advisory 04.29.09: Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 04.28.09 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 28, 2009 I. BACKGROUND Symantec System Center is an MMC Microsoft Management Console snap-in that allows an administrator to remotely manage Symantec...
CVE-2009-1431
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10....
CVE-2009-1431
Symantec Alert Management System (AMS2) Intel File Transfer service (XFR.EXE) is affected. A design flaw allows remote code execution by an unauthenticated attacker who places code on a share or WebDAV server and then sends the UNC path to the XFR.EXE service. Impact can affect Symantec System Ce...