Lucene search

[email protected]CVE-2005-1590

HistoryMay 16, 2005 - 4:00 a.m.

CVE-2005-1590

2005-05-1604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

altiris client service

aclient.exe

windows

local users

password protection

administrative interface

vulnerability

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

JSON

The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the “Altiris Client Service” hidden window, disabling the password protection, disabling the “Hide client tray icon box” option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070.

CPENameOperatorVersion
altiris:deployment_solutionaltiris deployment solutioneq6.0
altiris:deployment_solutionaltiris deployment solutioneq5.6.181
altiris:deployment_solutionaltiris deployment solutioneq5.6
altiris:client_servicealtiris client serviceeq6.0.88

CPE	Name	Operator	Version
altiris:deployment_solution	altiris deployment solution	eq	6.0
altiris:deployment_solution	altiris deployment solution	eq	5.6.181
altiris:deployment_solution	altiris deployment solution	eq	5.6
altiris:client_service	altiris client service	eq	6.0.88

References

archives.neohapsis.com/archives/fulldisclosure/2005-04/0614.html

secunia.com/advisories/15159

www.osvdb.org/15897

6.7 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-1590

cve1