Design/Logic Flaw

2009-06-0819:30:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

CPENameOperatorVersion
altiris_deployment_solutioneq6.9.355
altiris_deployment_solutionlt6.9.355

CPE	Name	Operator	Version
	altiris_deployment_solution	eq	6.9.355
	altiris_deployment_solution	lt	6.9.355

References

secunia.com/advisories/31773

securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html

www.securityfocus.com/bid/31767

www.securitytracker.com/id?1021072

www.vupen.com/english/advisories/2008/2876

exchange.xforce.ibmcloud.com/vulnerabilities/46007