167 matches found
Symantec Altiris Deployment Solution Aclient进程本地权限提升漏洞
BUGTRAQ ID: 26265 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec的Altiris Deployment Solution产品中的Aclient进程是以本地系统权限运行的。通过使用浏览器选项,本地攻击者就可以以系统权限打开或执行系统上的任意文件。 Symantec Altiris Deployment Solution 6.x SP2 厂商补丁: Symantec -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Symantec Altiris Deployment Solution目录遍历漏洞
BUGTRAQ ID: 26266 CVECAN ID: CVE-2007-3874 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec的Altiris Deployment Solution产品的可选PXE服务器组件中包含有tftp/mtftp服务程序,该服务程序中存在目录遍历漏洞。 如果用户提交了恶意请求的话,就可能允许未经认证的攻击者以SYSTEM权限下载系统上的任意文件。 Symantec Altiris Deployment Solution 6.x SP2...
Symantec Altris deployment solution directory traversal
Directory traversal in PXE with TFTP/MFTP protocols...
Altiris AClient < 6.8.380 Local Vulnerabilities
The version of the Altiris Client Agent aclient installed on the remote host contains a flaw in its browser option whereby a local user can open or execute files on the affected host with SYSTEM privileges. It also contains a directory traversal vulnerability that allows a local user to read...
Altiris Deployment Solution Directory Traversal
SUMMARY Symantecs Altiris Deployment Solution is vulnerable to an elevation of privilege attack. Risk Impact Medium Remote Access | Yes ---|--- Local Access | Yes Authentication Required | Yes Exploit available | No AFFECTED PRODUCTS Affected Products Product | Version | Build | Solution...
Design/Logic Flaw
Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no...
CVE-2007-5555
Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no...
CVE-2007-5555
Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no...
CVE-2007-5555
Technical details for CVE-2007-5555 are not publicly available in the provided documents; no affected products, root cause, impact or fix are disclosed. Monitor for updates.
Altiris Deployment Solution Client Detection
Binary data 4178.prm...
Altiris Deployment Solution Server Detection
Binary data 4179.prm...
Altiris Deployment Solution < 6.8 SP2 Aclient Log File Viewer Local Privilege Escalation
Binary data 4180.prm...
Altiris Deployment Solution Aclient Process (aclient.exe) Log File Viewer Local Privilege Escalation
The version of the Altiris Client Agent aclient installed on the remote host reportedly contains a flaw whereby local users can use the Log File Viewer to open or execute files on the affected host with SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description...
CVE-2007-4380
Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...
Design/Logic Flaw
Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...
CVE-2007-4380
CVE-2007-4380 affects Symantec Altiris Deployment Solution 6.x prior to 6.8 SP2 (build 6.8.378) where the Aclient Log File Viewer enables local users to gain SYSTEM privileges. The vulnerability is described as a local privilege escalation via the Log File Viewer in the Altiris client (aclient). ...
CVE-2007-4380
Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...
Altiris Deployment Solution Elevation of Privilege
SUMMARY Symantecs Altiris Deployment Solution is vulnerable to an elevation of privilege attack. Severity Medium Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes Exploit publicly available | No AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|---...
CVE-2004-2622
CVE-2004-2622 affects Altiris Deployment Solution 6.x and 5.x. AClient.exe does not require authentication from the first Deployment Server it connects to, enabling remote malicious servers to gain administrator access. Impact is complete administrator-level access on affected systems. The provid...
CVE-2004-2622
AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access...