Lucene search
K

167 matches found

Prion
Prion
added 2008/05/18 2:20 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...

7.2CVSS7AI score0.0035EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2008/05/18 2:20 p.m.35 views

CVE-2008-2286

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet...

7.5CVSS8.3AI score0.32678EPSS
Exploits9References12
NVD
NVD
added 2008/05/18 2:20 p.m.24 views

CVE-2008-2290

Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...

7.2CVSS6.5AI score0.0035EPSS
Exploits0References7
NVD
NVD
added 2008/05/18 2:20 p.m.21 views

CVE-2008-2287

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse...

7.2CVSS6.5AI score0.0035EPSS
Exploits0References7
Prion
Prion
added 2008/05/18 2:20 p.m.18 views

Command injection

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...

7.5CVSS7.2AI score0.04193EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2008/05/18 2:20 p.m.27 views

CVE-2008-2289

Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...

7.2CVSS6.4AI score0.0035EPSS
Exploits0References7
Prion
Prion
added 2008/05/18 2:20 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...

7.2CVSS7AI score0.0035EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2008/05/18 2:20 p.m.28 views

CVE-2008-2291

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...

7.5CVSS6.7AI score0.04193EPSS
Exploits0References11
Prion
Prion
added 2008/05/18 2:20 p.m.24 views

Design/Logic Flaw

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse...

7.2CVSS7.1AI score0.0035EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2008/05/18 2:0 p.m.52 views

CVE-2008-2291

Symantec Altiris Deployment Solution 6.8.x and 6.9.x prior to 6.9.176 are affected by CVE-2008-2291 due to an insecure credential mechanism in axengine.exe. The service, listening on TCP port 402, generates domain credentials with a fixed salt or no salt at all, enabling remote attackers to guess...

7.5CVSS6.6AI score0.04193EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2008/05/18 2:0 p.m.43 views

CVE-2008-2288

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, enabling local users to cause a denial of service or obtain sensitive information. This CVE (CVE-2008-2288) is documented in NVD and related Nessus e...

3.6CVSS6.5AI score0.00341EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2008/05/18 2:0 p.m.47 views

CVE-2008-2290

CVE-2008-2290 affects Symantec Altiris Deployment Solution Agent in 6.8.x and 6.9.x prior to 6.9.176. It is described as an unspecified local privilege escalation via the Agent user interface, with a CVSS v2 base score of 7.2 (LOCAL attack vector, HIGH impact). Public references note multiple loc...

7.2CVSS6.5AI score0.0035EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2008/05/18 2:0 p.m.57 views

CVE-2008-2286

CVE-2008-2286 describes an SQL injection in Symantec Altiris Deployment Solution (DS) via axengine.exe, affecting 6.8.x and 6.9.x before 6.9.176. The vulnerability allows remote execution of arbitrary SQL commands through crafted notification packets (Port 402/tcp), with network access and no aut...

7.5CVSS8.2AI score0.32678EPSS
Exploits9References12Affected Software1
CVE
CVE
added 2008/05/18 2:0 p.m.46 views

CVE-2008-2289

The CVE-2008-2289 entry concerns Symantec Altiris Deployment Solution 6.8.x and 6.9.x prior to 6.9.176. A vulnerability in a tooltip element enables local users to gain privileges via unspecified attack vectors. Connected documents corroborate the issue as part of multiple local vulnerabilities a...

7.2CVSS6.4AI score0.0035EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.23 views

CVE-2008-2288

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information...

6.4AI score0.00341EPSS
Exploits0References7
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.27 views

CVE-2008-2290

Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...

6.5AI score0.0035EPSS
Exploits0References7
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.33 views

CVE-2008-2291

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...

6.6AI score0.04193EPSS
Exploits0References11
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.26 views

CVE-2008-2287

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse...

6.5AI score0.0035EPSS
Exploits0References7
CVE
CVE
added 2008/05/18 2:0 p.m.45 views

CVE-2008-2287

Affected product: Symantec Altiris Deployment Solution 6.8.x and 6.9.x prior to 6.9.176. Issue: insufficient protection of the install directory may allow a local user to gain privileges by replacing an application component with a Trojan horse. Documented impact: local privilege escalation with ...

7.2CVSS6.5AI score0.0035EPSS
Exploits0References7Affected Software1
seebug.org
seebug.org
added 2008/05/17 12:0 a.m.22 views

Symantec Altiris Deployment Solution多个安全漏洞

BUGTRAQ ID: 29198,29199,29194,29218,29196,29197 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec Altiris Deployment Solution中存在多个安全漏洞,可能允许恶意的本地或远程用户获得权限提升、操控某些数据、泄露敏感信息、执行SQL注入攻击或入侵有漏洞的系统。 1 默认监听于TCP...

6.9AI score
Exploits0
Rows per page
Query Builder