Lucene search
RootSSV:11167HistoryMay 01, 2009 - 12:00 a.m.
Symantec杀毒软件Intel Alert Originator服务栈溢出漏洞
2009-05-0100:00:00
Root
www.seebug.org
15
0.972 High
EPSS
Percentile
99.8%
BUGTRAQ ID: 34672,34674
CVE(CAN) ID: CVE-2009-1430
Symantec AntiVirus是非常流行的杀毒解决方案。
Symantec杀毒软件中的Intel Alert Originator服务(IAO.EXE)没有正确地验证通过memcpy()调用发送给栈缓冲区的数据。如果远程攻击者向默认监听的TCP 38292端口发送了畸形报文的话,就可以触发栈溢出,导致以SYSTEM权限执行任意代码。
Symantec Client Security 3.1
Symantec Client Security 3.0
Symantec Client Security 2.0
Symantec AntiVirus Corporate Edition 9.0
Symantec AntiVirus Corporate Edition 10.2
Symantec AntiVirus Corporate Edition 10.1
Symantec AntiVirus Corporate Edition 10.0
Symantec Endpoint Protection 11.0
Symantec
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.symantec.com/” target=“_blank”>http://www.symantec.com/</a>
Related
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
securityvulns
securityvulns
ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability
2009-05-01 00:00:00
Symantec Client Security buffer overflow
2009-05-01 00:00:00
canvas
canvas
Immunity Canvas: SYMANTEC_IAO
2009-04-29 15:30:00
prion
prion
Stack overflow
2009-04-29 15:30:00
zdi
zdi
saint
saint
nessus
nessus
Symantec Alert Management System 2 RCE (SYM09-007)
2010-03-02 00:00:00
cvelist
cvelist
CVE-2009-1430
2009-04-29 15:00:00
cve
cve
CVE-2009-1430
2009-04-29 15:30:00
symantec
symantec
Symantec Alert Management System 2 multiple vulnerabilities
2009-04-28 08:00:00