25 matches found
EUVD-2009-3091
Malware in sbrugna...
Symantec Deployment Solution AClient <= 6.9 Buffer Overflow
The Symantec Deployment Solution AClient installed on the remote host is version 6.9 or prior. It is, therefore, affected by a buffer overflow vulnerability that is triggered when handling an IOCTL. A local attacker can exploit this to gain elevated privileges. C Tenable Network Security, Inc...
Buffer overflow
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors...
CVE-2014-7286
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors...
CVE-2014-7286
CVE-2014-7286 concerns a buffer overflow in the AClient component of Symantec Deployment Solution (6.9 and earlier) on Windows XP and Windows Server 2003. The vulnerability is triggered by handling an IOCTL, enabling a local attacker with privileges to potentially escalate to full control. ASyman...
Symantec Deployment Solution AClient Memory Overwrite
SUMMARY An arbitrary memory overwrite vulnerability exists in a Symantec Deployment Solution agent allowing a local and authorized malicious user to potentially elevate privileges on the local system. This vulnerability applies to Windows XP SP3 or Windows Server 2003 SP2 only. AFFECTED PRODUCTS...
Altiris Deployment Solution Server < 6.9.430 Multiple Vulnerabilities (SYM09-011)
The version of Altiris Deployment Solution installed on the remote host is reportedly affected by the following vulnerabilities : - DBManager authentication can by bypassed. A remote attacker could exploit this to execute arbitrary database queries. CVE-2009-3107 - The Aclient GUI has a privilege...
CVE-2009-3108
The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions Everyone:Full Control, which allows local users to gain privileges by replacing the executable with a Trojan horse program...
CVE-2009-3108
CVE-2009-3108 affects Symantec Altiris Deployment Solution 6.9.x prior to 6.9 SP3 Build 430. The Aclient GUI is installed with insecure permissions (Everyone: Full Control), enabling local users to escalate privileges by replacing the client executable with a Trojan horse. Impact is local privile...
CVE-2009-3109
CVE-2009-3109 affects Symantec Altiris Deployment Solution 6.9.x prior to 6.9 SP3 Build 430. The AClient agent, when key-based authentication is used, can be bypassed by spoofing the deployment server and issuing alternate commands before the handshake, allowing arbitrary commands to be executed ...
Symantec Altiris Deployment Solution Aclient本地权限提升漏洞
BUGTRAQ ID: 36111 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Altiris Deployment Solution是的Aclient GUI没有充分的防范非授权访问。尽管安装目录是受保护的,Everyone用户组默认对客户端可执行程序都拥有完全控制,非特权用户可以利用Everyone用户组访问恶意修改客户端。 GUI二进制程序默认以登录用户权限运行,如果其他特权用户登录到了客户端,就可能导致权限提升或入侵客户端系统。 Symantec Altiris...
Symantec Altiris Deployment Solution AClient口令泄露漏洞
BUGTRAQ ID: 28707 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec Altiris Deployment Solution的AClient.exe进程在内存中以明文存储AClient口令,恶意的本地用户可以通过dump AClient.exe进程内存检索本地代理管理接口的口令。 Symantec Altiris Deployment Solution 6.8.x Symantec --------...
CVE-2008-1754
The CVE-2008-1754 issue affects Symantec Altiris Deployment Solution before 6.9.164, where the Deployment Solution Agent (AClient) password is stored in cleartext in memory. This allows a local attacker to obtain sensitive credentials by dumping the aclient.exe process memory, leading to potentia...
Altiris AClient < 6.9.164 Multiple Local Vulnerabilities
The version of the Altiris Client Agent aclient installed on the remote host reportedly is susceptible to a shatter attack that could allow a local user to elevate his or her privileges on the affected system. In addition, the Altiris Deployment Solution reportedly stores the AClient password in...
Altiris AClient < 6.9.164 Multiple Vulnerabilities
Binary data 4419.prm...
Symantec Altiris Deployment Solution Aclient进程本地权限提升漏洞
BUGTRAQ ID: 26265 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec的Altiris Deployment Solution产品中的Aclient进程是以本地系统权限运行的。通过使用浏览器选项,本地攻击者就可以以系统权限打开或执行系统上的任意文件。 Symantec Altiris Deployment Solution 6.x SP2 厂商补丁: Symantec -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Altiris AClient < 6.8.380 Multiple Local Vulnerabilities
Binary data 4269.prm...
Altiris AClient < 6.8.380 Local Vulnerabilities
The version of the Altiris Client Agent aclient installed on the remote host contains a flaw in its browser option whereby a local user can open or execute files on the affected host with SYSTEM privileges. It also contains a directory traversal vulnerability that allows a local user to read...
Altiris Deployment Solution Elevation of Privilege
SUMMARY Symantecs Altiris Deployment Solution is vulnerable to an elevation of privilege attack. Risk Impact Medium Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes Exploit available | No AFFECTED PRODUCTS Affected Products Product | Version | Build | Solution...
Altiris Deployment Solution Aclient Process (aclient.exe) Log File Viewer Local Privilege Escalation
The version of the Altiris Client Agent aclient installed on the remote host reportedly contains a flaw whereby local users can use the Log File Viewer to open or execute files on the affected host with SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description...