CVE-2004-2622
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.7%
AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access.
References
archives.neohapsis.com/archives/bugtraq/2004-10/0211.html
archives.neohapsis.com/archives/bugtraq/2004-10/0266.html
packetstorm.linuxsecurity.com/0410-advisories/index2.html
secunia.com/advisories/12944
securitytracker.com/id?1011862
www.altiris.com/support/forum/Framesearch.aspx?vpath=/aexkb/public%20articles/6.x/deployment%20solution/kb/ds%20client%20security%20kb%20article%2010-22-04.doc&art=AKB6859&source=Altiris%20Helpdesk&artID=23644&refpara=532392&key=akb6859
www.osvdb.org/11031
www.securityfocus.com/bid/11498
exchange.xforce.ibmcloud.com/vulnerabilities/17814
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.7%