Symantec Products Intel Alert Handler Remote DoS
Medium Nessus Plugin ID 51190
SynopsisThe remote Windows host has a service that is affected by a denial of service vulnerability.
DescriptionIntel Alert Handler Service (hndlrsvc.exe) included with Alert Management System 2 (AMS2), an optional component included with either Symantec Antivirus Corporate Edition or Symantec Endpoint Protection version prior to 11.x, is installed on the remote host. The installed service reportedly fails to correctly handle 'CommandLine' field in an AMS request, and could be exploited by a remote attacker to crash the affected service.
SolutionEither upgrade to version 11.x since it does not use Intel AMS code or disable Intel AMS.