Symantec杀毒软件Intel LANDesk Common Base Agent服务任意代码执行漏洞

BUGTRAQ ID: 34671 CVECAN ID: CVE-2009-1429 Symantec AntiVirus是非常流行的杀毒解决方案。 Symantec杀毒软件产品的Intel LANDesk Common Base Agent（CBA）服务中存在安全漏洞。如果远程攻击者向TCP 12174端口发送了恶意报文以向CreateProcessA函数传送恶意参数的话，就会导致以SYSTEM权限执行任意代码。 Symantec Client Security 3.1 Symantec Client Security 3.0 Symantec Client Security 2.0...

Command injection

The Intel LANDesk Common Base Agent CBA in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2...

CVE-2009-1429

The Intel LANDesk Common Base Agent CBA in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2...

CVE-2009-1429

The Intel LANDesk Common Base Agent CBA in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2...

CVE-2009-1429

CVE-2009-1429 affects the Intel LANDesk Common Base Agent (CBA) used by Symantec products in the AMS2/Symantec System Center stack. A crafted packet could be interpreted as a command to be launched in a new process via CreateProcessA, enabling remote execution of arbitrary commands with SYSTEM pr...