Lucene search
K

304 matches found

OpenVAS
OpenVAS
added 2010/02/11 12:0 a.m.11 views

Symantec Altiris Notification Server Version Detection

This script detects the installed version of Symantec Altiris Notification Server and sets the result in KB. OpenVAS Vulnerability Test $Id: gbsymantecaltirisnsdetect.nasl 5372 2017-02-20 16:26:11Z cfi $ Symantec Altiris Notification Server Version Detection Authors: Rachana Shetty Copyright:...

Exploits0
OpenVAS
OpenVAS
added 2010/02/11 12:0 a.m.28 views

Symantec Altiris NS Key Unauthorized Access Vulnerability

This host is installed with Symantec Altiris Notification Server and is prone to unauthorized access vulnerability. OpenVAS Vulnerability Test $Id: gbsymantecaltirisnsunauthaccessvuln.nasl 6000 2017-04-21 11:07:29Z cfi $ Symantec Altiris NS Key Unauthorized Access Vulnerability Authors: Rachana...

4.3CVSS0.7AI score0.00375EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2010/02/11 12:0 a.m.47 views

Symantec Altiris NS Key Unauthorized Access Vulnerability

Symantec Altiris Notification Server is prone to unauthorized access vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

4.3CVSS6.6AI score0.00375EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2010/02/11 12:0 a.m.15 views

Symantec Altiris Notification Server Version Detection

This script detects the installed version of Symantec Altiris Notification Server. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

7AI score
Exploits0
NVD
NVD
added 2010/02/02 4:30 p.m.12 views

CVE-2009-3035

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and...

4.3CVSS7.1AI score0.00375EPSS
Exploits0References7
Prion
Prion
added 2010/02/02 4:30 p.m.17 views

Hardcoded credentials

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and...

4.3CVSS7.6AI score0.00375EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2010/02/02 4:25 p.m.56 views

CVE-2009-3035

Symantec Altiris Notification Server 6.0.x prior to SP3 R12 stores a static encryption key on the server to encrypt credentials used for discovery and SQL Server access. The hardcoded key can decrypt these credentials, enabling local users to obtain sensitive information and, if decrypted credent...

4.3CVSS7.3AI score0.00375EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2010/02/02 4:25 p.m.25 views

CVE-2009-3035

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and...

7AI score0.00375EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2010/01/29 12:0 a.m.13 views

Symantec Altiris Notification Server 6.0 < SP3 R12 Static Encryption Key

Binary data 5330.prm...

4.3CVSS7.3AI score0.00375EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/01/29 12:0 a.m.31 views

Altiris Notification Server Static Encryption Key (KB46763)

The remote Windows host is running Symantec Altiris Notification Server 6.0 earlier than SP3 R12. Such versions are potentially affected by a local information disclosure vulnerability because the application uses a static encryption key for encrypted credentials entered by an administrator. C...

4.3CVSS5.5AI score0.00375EPSS
Exploits0References3
Symantec
Symantec
added 2010/01/28 8:0 a.m.23 views

Symantec Altiris Notification Server 6.x Static Encryption Key

SUMMARY Symantecs Altiris Notification Server 6.0.x web console stores a static encryption key for encrypted credentials entered by the administrator. These credentials include ones used to enumerate the computers within a windows domain during discovery sessions allowing dissemination of Altiris...

4.3CVSS0.3AI score0.00375EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/01/08 12:0 a.m.19 views

Altiris Deployment Solution Server DB Manager Detection

The remote service is running the DB Manager component of Altiris Deployment Solution. This service is used to remotely manage the Altiris database. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid43831;...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/01/08 12:0 a.m.24 views

Altiris Deployment Solution Server < 6.9.430 Multiple Vulnerabilities (SYM09-011)

The version of Altiris Deployment Solution installed on the remote host is reportedly affected by the following vulnerabilities : - DBManager authentication can by bypassed. A remote attacker could exploit this to execute arbitrary database queries. CVE-2009-3107 - The Aclient GUI has a privilege...

9.3CVSS6AI score0.03763EPSS
Exploits0References9
Packet Storm
Packet Storm
added 2009/12/31 12:0 a.m.38 views

Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Symantec Altiris...

9.3CVSS0.5AI score0.39967EPSS
Exploits10
Check Point Advisories
Check Point Advisories
added 2009/12/16 12:0 a.m.55 views

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow (CVE-2009-3031; CVE-2009-3033)

Symantec Altiris Deployment Solution software provides tools to deploy software on desktops and servers. It runs on Windows platforms, offering Operating System OS deployment, configuration, software deployment across hardware platforms and OS types, among other tasks. This product can be used...

9.3CVSS7.5AI score0.45435EPSS
Exploits26
Metasploit
Metasploit
added 2009/12/11 2:36 a.m.26 views

Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Symantec Altiris Deployment Solution. When sending an overly long string to RunCmd method of AeXNSConsoleUtilities.dll 6.0.0.1426 an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download...

9.3CVSS0.7AI score0.39967EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2009/12/02 12:0 a.m.29 views

Altiris ConsoleUtilities ActiveX RunCmd Method Overflow

A vulnerable version of the Altiris ConsoleUtilities ActiveX control is installed on the remote host. This control comes with Altiris Deployment Solution, Altiris Notification Server, and Symantec Management Platform. There is a stack-based buffer overflow in the 'RunCmd' function. A remote...

9.3CVSS6.5AI score0.39967EPSS
Exploits10References3
Saint
Saint
added 2009/11/27 12:0 a.m.22 views

Symantec AeXNSConsoleUtilities RunCmd buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...

9.3CVSS6.9AI score0.39967EPSS
Exploits10
Saint
Saint
added 2009/11/27 12:0 a.m.46 views

Symantec AeXNSConsoleUtilities RunCmd buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...

9.3CVSS6.8AI score0.39967EPSS
Exploits10
seebug.org
seebug.org
added 2009/11/27 12:0 a.m.28 views

Symantec多个产品AeXNSConsoleUtilities.dll ActiveX控件远程溢出漏洞

BUGTRAQ ID: 37092 CVECAN ID: CVE-2009-3033 Altiris Notification Server、Management Platform和Altiris Deployment Solution都是Symantec的网管和部署解决方案。 在初次连接到Altiris Deployment Solution等产品管理服务器的Web控制台时会安装一个Altiris eXpress NS Console Utilities...

9.3CVSS6.4AI score0.39967EPSS
Exploits10
Rows per page
Query Builder