Lucene search
RootSSV:14987HistoryNov 27, 2009 - 12:00 a.m.
Symantec多个产品AeXNSConsoleUtilities.dll ActiveX控件远程溢出漏洞
2009-11-2700:00:00
Root
www.seebug.org
16
EPSS
0.962
Percentile
99.6%
BUGTRAQ ID: 37092
CVE(CAN) ID: CVE-2009-3033
Altiris Notification Server、Management Platform和Altiris Deployment Solution都是Symantec的网管和部署解决方案。
在初次连接到Altiris Deployment Solution等产品管理服务器的Web控制台时会安装一个Altiris eXpress NS Console Utilities ActiveX控件(AeXNSConsoleUtilities.dll)以授权到服务器的管理员访问,而该控件的RunCmd()函数存在缓冲区溢出漏洞。如果用户受骗访问了恶意网页并向该函数传送了超长参数的话,就可以触发这个溢出,导致执行任意指令。
Symantec Altiris Deployment Solution 6.9.x
Symantec Altiris Notification Server 6.0.x
Symantec Management Platform 7.0.x
厂商补丁:
Symantec
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
https://kb.altiris.com/article.asp?article=50279&p=1
https://kb.altiris.com/article.asp?article=50072&p=1
Related
symantec
symantec
prion
prion
Buffer overflow
2009-11-25 16:30:00
nvd
nvd
CVE-2009-3033
2009-11-25 16:30:00
saint
saint
Symantec AeXNSConsoleUtilities RunCmd buffer overflow
2009-11-27 00:00:00
Symantec AeXNSConsoleUtilities RunCmd buffer overflow
2009-11-27 00:00:00
Symantec AeXNSConsoleUtilities RunCmd buffer overflow
2009-11-27 00:00:00
metasploit
metasploit
Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
2009-12-11 02:36:01
nessus
nessus
Altiris ConsoleUtilities ActiveX RunCmd Method Overflow
2009-12-02 00:00:00
packetstorm
packetstorm
Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
2009-12-31 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_ALTIRISRC
2009-11-25 16:30:00
cve
cve
CVE-2009-3033
2009-11-25 16:30:00
cvelist
cvelist
CVE-2009-3033
2009-11-25 16:00:00
exploitdb
exploitdb
checkpoint_advisories
checkpoint_advisories