Symantec Veritas Enterprise Administrator Service (vxsvc) Multiple Integer Overflows (SYM11-010)

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains an administrator service that is affected by
multiple integer overflow vulnerabilities.

Description :

Symantec Veritas Enterprise Administrator Service (vxsvc), a component
of Veritas Storage Foundation, is installed on the remote Windows
host. According to its version number, the installed version of
Symantec Veritas Enterprise Administrator Service is affected by
multiple integer overflow vulnerabilities in the following functions :

- vxveautil.value_binary_unpack

- vxveautil.value_binary_unpack

- vxveautil.kv_binary_unpack

A remote, unauthenticated attacker, exploiting these flaws, could
execute arbitrary code on the remote host subject to the privileges of
the user running the affected application.

See also :

http://www.nessus.org/u?5ab713d2
http://www.zerodayinitiative.com/advisories/ZDI-11-262/
http://www.zerodayinitiative.com/advisories/ZDI-11-263/
http://www.zerodayinitiative.com/advisories/ZDI-11-264/

Solution :

Apply the relevant patch from the Symantec advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 55983

Bugtraq ID: 49014

CVE ID: CVE-2011-0547
