Lucene search
K

167 matches found

seebug.org
seebug.org
added 2007/11/02 12:0 a.m.15 views

Symantec Altiris Deployment Solution Aclient进程本地权限提升漏洞

BUGTRAQ ID: 26265 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec的Altiris Deployment Solution产品中的Aclient进程是以本地系统权限运行的。通过使用浏览器选项,本地攻击者就可以以系统权限打开或执行系统上的任意文件。 Symantec Altiris Deployment Solution 6.x SP2 厂商补丁: Symantec -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2007/11/02 12:0 a.m.23 views

Symantec Altiris Deployment Solution目录遍历漏洞

BUGTRAQ ID: 26266 CVECAN ID: CVE-2007-3874 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec的Altiris Deployment Solution产品的可选PXE服务器组件中包含有tftp/mtftp服务程序,该服务程序中存在目录遍历漏洞。 如果用户提交了恶意请求的话,就可能允许未经认证的攻击者以SYSTEM权限下载系统上的任意文件。 Symantec Altiris Deployment Solution 6.x SP2...

7.8CVSS6.4AI score0.02152EPSS
Exploits1
securityvulns
securityvulns
added 2007/11/02 12:0 a.m.33 views

Symantec Altris deployment solution directory traversal

Directory traversal in PXE with TFTP/MFTP protocols...

7.8CVSS4.3AI score0.02152EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/10/31 12:0 a.m.24 views

Altiris AClient < 6.8.380 Local Vulnerabilities

The version of the Altiris Client Agent aclient installed on the remote host contains a flaw in its browser option whereby a local user can open or execute files on the affected host with SYSTEM privileges. It also contains a directory traversal vulnerability that allows a local user to read...

7.8CVSS5.6AI score0.02152EPSS
Exploits1References4
Symantec
Symantec
added 2007/10/30 8:0 a.m.17 views

Altiris Deployment Solution Directory Traversal

SUMMARY Symantecs Altiris Deployment Solution is vulnerable to an elevation of privilege attack. Risk Impact Medium Remote Access | Yes ---|--- Local Access | Yes Authentication Required | Yes Exploit available | No AFFECTED PRODUCTS Affected Products Product | Version | Build | Solution...

Exploits0Affected Software1
Prion
Prion
added 2007/10/18 8:17 p.m.13 views

Design/Logic Flaw

Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no...

6.9CVSS7.2AI score0.00328EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2007/10/18 8:17 p.m.16 views

CVE-2007-5555

Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no...

6.9CVSS6.7AI score0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/10/18 8:0 p.m.22 views

CVE-2007-5555

Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no...

6.7AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2007/10/18 8:0 p.m.43 views

CVE-2007-5555

Technical details for CVE-2007-5555 are not publicly available in the provided documents; no affected products, root cause, impact or fix are disclosed. Monitor for updates.

6.9CVSS6.7AI score0.00328EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/08/20 12:0 a.m.14 views

Altiris Deployment Solution Client Detection

Binary data 4178.prm...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/08/20 12:0 a.m.12 views

Altiris Deployment Solution Server Detection

Binary data 4179.prm...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/08/20 12:0 a.m.15 views

Altiris Deployment Solution < 6.8 SP2 Aclient Log File Viewer Local Privilege Escalation

Binary data 4180.prm...

7.2CVSS7.3AI score0.0035EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/08/17 12:0 a.m.29 views

Altiris Deployment Solution Aclient Process (aclient.exe) Log File Viewer Local Privilege Escalation

The version of the Altiris Client Agent aclient installed on the remote host reportedly contains a flaw whereby local users can use the Log File Viewer to open or execute files on the affected host with SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description...

7.2CVSS5.5AI score0.0035EPSS
Exploits0References2
NVD
NVD
added 2007/08/16 6:17 p.m.18 views

CVE-2007-4380

Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...

7.2CVSS6.3AI score0.0035EPSS
Exploits0References8
Prion
Prion
added 2007/08/16 6:17 p.m.13 views

Design/Logic Flaw

Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...

7.2CVSS6.7AI score0.0035EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2007/08/16 6:0 p.m.55 views

CVE-2007-4380

CVE-2007-4380 affects Symantec Altiris Deployment Solution 6.x prior to 6.8 SP2 (build 6.8.378) where the Aclient Log File Viewer enables local users to gain SYSTEM privileges. The vulnerability is described as a local privilege escalation via the Log File Viewer in the Altiris client (aclient). ...

7.2CVSS6.4AI score0.0035EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/08/16 6:0 p.m.24 views

CVE-2007-4380

Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 6.8.378 allows local users to gain local System privileges via the Log File Viewer...

6.3AI score0.0035EPSS
Exploits0References8
Symantec
Symantec
added 2007/08/13 8:0 a.m.12 views

Altiris Deployment Solution Elevation of Privilege

SUMMARY Symantecs Altiris Deployment Solution is vulnerable to an elevation of privilege attack. Severity Medium Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes Exploit publicly available | No AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|---...

0.5AI score
Exploits0Affected Software1
CVE
CVE
added 2005/12/04 10:0 p.m.48 views

CVE-2004-2622

CVE-2004-2622 affects Altiris Deployment Solution 6.x and 5.x. AClient.exe does not require authentication from the first Deployment Server it connects to, enabling remote malicious servers to gain administrator access. Impact is complete administrator-level access on affected systems. The provid...

10CVSS7.5AI score0.02603EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2005/12/04 10:0 p.m.19 views

CVE-2004-2622

AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access...

7AI score0.02603EPSS
Exploits0References9
Rows per page
Query Builder