Vulnerability Name:

CVE-2011-0688 (CCN-65071)

Assigned:2011-01-27
Published:2011-01-27
Updated:2017-08-17
Summary:Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111.
Note: some of these details are obtained from third party information.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-287
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2011-0688

Source: CCN
Type: SA43099
Symantec Products Intel Alert Management System Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
43099

Source: SECTRACK
Type: UNKNOWN
1024996

Source: BID
Type: UNKNOWN
45936

Source: CCN
Type: BID-45936
Symantec Intel Alert Management System (CVE-2010-0110) Buffer Overflow Vulnerabilities

Source: CCN
Type: SYM11- 002
Symantec Intel Alert Management System Multiple Code Execution Issues

Source: CONFIRM
Type: UNKNOWN
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0234

Source: XF
Type: UNKNOWN
symantec-tcp-command-execution(65071)

Source: XF
Type: UNKNOWN
symantec-tcp-command-execution(65071)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:symantec:system_center:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:system_center:10.1:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:antivirus:10.0::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.4::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.3::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.4::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.5::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.6::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.7::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.8::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.9::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2.2::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.7::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.8::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.9::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.6.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.6::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.5.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.5::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.4.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.0.1::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1.2::corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:system_center:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:system_center:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec antivirus 10.0
    symantec antivirus 10.0 mr1
    symantec antivirus 10.0 mr2
    symantec antivirus 10.0.1
    symantec antivirus 10.0.1.1
    symantec antivirus 10.0.1.2
    symantec antivirus 10.0.2
    symantec antivirus 10.0.2.1
    symantec antivirus 10.0.2.2
    symantec antivirus 10.0.3
    symantec antivirus 10.0.4
    symantec antivirus 10.0.5
    symantec antivirus 10.0.6
    symantec antivirus 10.0.7
    symantec antivirus 10.0.8
    symantec antivirus 10.0.9
    symantec antivirus 10.1
    symantec antivirus 10.1 mp1
    symantec antivirus 10.1 mr4
    symantec antivirus 10.1 mr5
    symantec antivirus 10.1 mr6
    symantec antivirus 10.1 mr7
    symantec antivirus 10.1.0.1
    symantec antivirus 10.1.4
    symantec antivirus 10.1.4.1
    symantec antivirus 10.1.5
    symantec antivirus 10.1.5.1
    symantec antivirus 10.1.6
    symantec antivirus 10.1.6.1
    symantec antivirus 10.1.7
    symantec antivirus 10.1.8
    symantec antivirus 10.1.9
    symantec antivirus 10.2
    symantec antivirus 10.2 mr2
    symantec antivirus 10.2 mr3
    symantec system center 10.0
    symantec system center 10.1
    symantec antivirus central quarantine server 3.5
    symantec antivirus central quarantine server 3.6
    symantec antivirus 10.0
    symantec antivirus 10.1.4
    symantec antivirus 10.1
    symantec antivirus 10.0.1
    symantec antivirus 10.0.2
    symantec antivirus 10.0.3
    symantec antivirus 10.0.4
    symantec antivirus 10.0.5
    symantec antivirus 10.0.6
    symantec antivirus 10.0.7
    symantec antivirus 10.0.8
    symantec antivirus 10.0.9
    symantec antivirus 10.0.2.1
    symantec antivirus 10.0.2.2
    symantec antivirus 10.0.1.1
    symantec antivirus 10.2
    symantec antivirus 10.1.7
    symantec antivirus 10.1.8
    symantec antivirus 10.1.9
    symantec antivirus 10.1 mr5
    symantec antivirus 10.1 mr6
    symantec antivirus 10.1 mp1
    symantec antivirus 10.1 mr4
    symantec antivirus 10.1 mr7
    symantec antivirus 10.2 mr2
    symantec antivirus 10.2 mr3
    symantec antivirus 10.1.6.1
    symantec antivirus 10.1.6
    symantec antivirus 10.1.5.1
    symantec antivirus 10.1.5
    symantec antivirus 10.1.4.1
    symantec antivirus 10.1.0.1
    symantec antivirus 10.0.1.2
    symantec antivirus 10.0 mr2
    symantec antivirus 10.0 mr1
    symantec system center 10.0
    symantec system center 10.1
    symantec antivirus central quarantine server 3.5
    symantec antivirus central quarantine server 3.6