This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
APP:SYMC:AGENT-RM-CMD
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
APP
|
Keywords |
Symantec Common Base Agent Remote Command Execution
|
Release Date |
2009/05/27
|
Update Number |
1434
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
APP: Symantec Common Base Agent Remote Command Execution
This signature detects attempts to exploit a known vulnerability against Symantec AntiVirus Corporate Edition, Symantec Client Security and Symantec Endpoint Protection. A successful attack can lead to arbitrary code execution.
Extended Description
The AMS2 (Alert Management Systems 2) component of multiple Symantec products is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input.
Successfully exploiting this issue will allow an attacker to execute arbitrary commands with SYSTEM-level privileges, completely compromising affected computers. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
- Symantec antivirus_corporate_edition 10.0.0.359
- Symantec antivirus_corporate_edition 10.0.1.1000
- Symantec antivirus_corporate_edition 10.0.1.1001 (MR1-PP1)
- Symantec antivirus_corporate_edition 10.0.1.1003 (MR1-PP2)
- Symantec antivirus_corporate_edition 10.0.1.1007
- Symantec antivirus_corporate_edition 10.0.1.1008
- Symantec antivirus_corporate_edition 10.0.1.1009 (MR1-PP9)
- Symantec antivirus_corporate_edition 10.0.2.2000
- Symantec antivirus_corporate_edition 10.0.2 .2001
- Symantec antivirus_corporate_edition 10.0.2.2002
- Symantec antivirus_corporate_edition 10.0.2.2010
- Symantec antivirus_corporate_edition 10.0.2.2011
- Symantec antivirus_corporate_edition 10.0.2.2020
- Symantec antivirus_corporate_edition 10.0.2.2021
- Symantec antivirus_corporate_edition 10.1
- Symantec antivirus_corporate_edition 10.1.0.394
- Symantec antivirus_corporate_edition 10.1.0.396
- Symantec antivirus_corporate_edition 10.1.0.400
- Symantec antivirus_corporate_edition 10.1.0.401
- Symantec antivirus_corporate_edition 10.1.4
- Symantec antivirus_corporate_edition 10.1.4.4000 (MR4)
- Symantec antivirus_corporate_edition 10.1.4.4010
- Symantec antivirus_corporate_edition 10.1.4 MR4 MP1 - build 4010
- Symantec antivirus_corporate_edition 10.1.5.5000 (MR5)
- Symantec antivirus_corporate_edition 10.1.5.5001 (MR5-PP1)
- Symantec antivirus_corporate_edition 10.1.5.5010 (MR5-MP1)
- Symantec antivirus_corporate_edition 10.1.6.600
- Symantec antivirus_corporate_edition 10.1.6.6000
- Symantec antivirus_corporate_edition 10.1.6.6010 (MR6-MP1)
- Symantec antivirus_corporate_edition 10.1.7.7000 (MR7)
- Symantec antivirus_corporate_edition 10.1 MR6
- Symantec antivirus_corporate_edition 10.1 MR6 MP1
- Symantec antivirus_corporate_edition 10.1 MR7
- Symantec antivirus_corporate_edition 10.2
- Symantec antivirus_corporate_edition 10.2.0.276 (STM 32-Bit)
- Symantec antivirus_corporate_edition 10.2.0.298 (STM 64-Bit)
- Symantec antivirus_corporate_edition 10.2.0.313 (STM-PP1)
- Symantec antivirus_corporate_edition 10.2.1.1000 (MR1)
- Symantec antivirus_corporate_edition 10.2 MR1
- Symantec antivirus_corporate_edition 9.0.0 .0.338
- Symantec antivirus_corporate_edition 9.0.0.1300 (STM-PP1)
- Symantec antivirus_corporate_edition 9.0.0.1400 (STM-PP2)
- Symantec antivirus_corporate_edition 9.0.1.1000 (MR1)
- Symantec antivirus_corporate_edition 9.0.1.1001 (MR1-PP1)
- Symantec antivirus_corporate_edition 9.0.1.1100 (MR1-MP1)
- Symantec antivirus_corporate_edition 9.0.2 .1000
- Symantec antivirus_corporate_edition 9.0.3 .1000
- Symantec antivirus_corporate_edition 9.0.3.1100 (MR3-MP1)
- Symantec antivirus_corporate_edition 9.0.4
- Symantec antivirus_corporate_edition 9.0.4 MR4 build 1000
- Symantec antivirus_corporate_edition 9.0.5
- Symantec antivirus_corporate_edition 9.0.5.1000 (MR5)
- Symantec antivirus_corporate_edition 9.0.5.1001 (MR5-PP1)
- Symantec antivirus_corporate_edition 9.0.5.1100
- Symantec antivirus_corporate_edition 9.0.6.1000
- Symantec antivirus_corporate_edition 9.0.6.1000 (MR6)
- Symantec antivirus_corporate_edition 9.0.6 MR6 MP1 - build 1100
- Symantec antivirus_corporate_edition 9 MR6 MP1
- Symantec client_security 2.0.0.1300 (STM-PP1)
- Symantec client_security 2.0.0.1400 (STM-PP2)
- Symantec client_security 2.0.0.338 (STM)
- Symantec client_security 2.0.1.1000 (MR1)
- Symantec client_security 2.0.1.1001 (MR1-PP1)
- Symantec client_security 2.0.1.1100 (MR1-MP1)
- Symantec client_security 2.0.2.1000 (MR2)
- Symantec client_security 2.0.3.1000 (MR3)
- Symantec client_security 2.0.4
- Symantec client_security 2.0.4 MR4 build 1000
- Symantec client_security 2.0.5.1000 (MR5)
- Symantec client_security 2.0.5.1001 (MR5-PP1)
- Symantec client_security 2.0.5 build 1100
- Symantec client_security 2.0.6.1000 (MR6)
- Symantec client_security 2.0.6 MR6
- Symantec client_security 2.0.6 MR6 MP1 - build 1100
- Symantec client_security 2.0 MR6 MP1
- Symantec client_security 3.0.0.359
- Symantec client_security 3.0.1.1000
- Symantec client_security 3.0.1.1001
- Symantec client_security 3.0.1.1003 (MR1-PP2)
- Symantec client_security 3.0.1.1007
- Symantec client_security 3.0.1.1008
- Symantec client_security 3.0.1.1009 (MR1-PP9)
- Symantec client_security 3.0.2.2000
- Symantec client_security 3.0.2.2001
- Symantec client_security 3.0.2.2002
- Symantec client_security 3.0.2.2010
- Symantec client_security 3.0.2.2011
- Symantec client_security 3.0.2.2020
- Symantec client_security 3.0.2.2021
- Symantec client_security 3.1
- Symantec client_security 3.1.0.394
- Symantec client_security 3.1.0.396
- Symantec client_security 3.1.0.400
- Symantec client_security 3.1.0.401
- Symantec client_security 3.1.4.4000 (MR4)
- Symantec client_security 3.1.4 MR4 MP1 - build 4010
- Symantec client_security 3.1.5.5000 (MR5)
- Symantec client_security 3.1.5.5001 (MR5-PP1)
- Symantec client_security 3.1.5.5010 (MR5-MP1)
- Symantec client_security 3.1.6.6000
- Symantec client_security 3.1.6.6010 (MR6-MP1)
- Symantec client_security 3.1.7.7000 (MR7)
- Symantec client_security 3.1 MR6
- Symantec client_security 3.1 MR6 MP1
- Symantec client_security 3.1 MR7
- Symantec endpoint_protection 11.0
- Symantec endpoint_protection 11.0.1000.1375 (MR1)
- Symantec endpoint_protection 11.0.1002.1378 (MR1-PP2)
- Symantec endpoint_protection 11.0.1005.1428 (MR1-PP5)
- Symantec endpoint_protection 11.0.2000.1567 (MR2)
- Symantec endpoint_protection 11.0.2001.10 (MR2-PP1)
- Symantec endpoint_protection 11.0.2010.25 (MR2-MP1)
- Symantec endpoint_protection 11.0.2020.56 (MR2-MP2)
- Symantec endpoint_protection 11.0.780.1109 (STM)
- Symantec endpoint_protection 11.0.781.1287 (STM-PP1)
- Symantec endpoint_protection 11.0 MR1
- Symantec endpoint_protection 11.0 MR2
References