Lucene search
K

167 matches found

Symantec
Symantec
added 2009/08/26 8:0 a.m.34 views

Symantec Altiris Deployment Solution Multiple Vulnerabilities

SUMMARY Symantecs Altiris Deployment Solution contains vulnerabilities that could potentially be leveraged for unauthorized file access or a denial of service on a client system, authentication bypass on the Server to local system-level access on a client system. AFFECTED PRODUCTS Product | Versi...

9.3CVSS0.7AI score0.03763EPSS
Exploits0Affected Software1
NVD
NVD
added 2009/06/08 7:30 p.m.19 views

CVE-2008-6828

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server...

7.8CVSS7.8AI score0.00248EPSS
Exploits0References6
Prion
Prion
added 2009/06/08 7:30 p.m.19 views

Command injection

The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...

6.8CVSS7.9AI score0.01084EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2009/06/08 7:0 p.m.47 views

CVE-2008-6828

CVE-2008-6828 affects Symantec Altiris Deployment Solution (6.x) prior to 6.9.355 SP1. Affected component: Application Identity Account handling; root cause: the Application Identity Account password is stored in memory in cleartext, enabling a local attacker to glean credentials and gain privile...

7.8CVSS7.7AI score0.00248EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2009/06/08 7:0 p.m.23 views

CVE-2008-6828

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server...

7.8AI score0.00248EPSS
Exploits0References6
CVE
CVE
added 2009/06/08 7:0 p.m.51 views

CVE-2008-6827

Affected software: Symantec Altiris Deployment Solution (Client GUI) with AClient.exe in 6.x before 6.9.355 SP1. Vulnerability: A local privilege escalation via the ListView control’s hidden GUI button (the “Shatter” style attack) allows overwriting the CommandLine parameter to cmd.exe to gain SY...

7.8CVSS7.9AI score0.01084EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2009/06/08 7:0 p.m.38 views

CVE-2008-6827

The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...

8AI score0.01084EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2009/06/08 12:0 a.m.6 views

PT-2009-2297 · Symantec · Symantec Altiris Deployment Solution

Name of the Vulnerable Software and Affected Versions: Symantec Altiris Deployment Solution versions 6.x before 6.9.355 SP1 Description: The issue allows local users to gain privileges and modify clients of the Deployment Solution Server because the Application Identity Account password is stored...

7.8CVSS7.7AI score0.00248EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2009/06/08 12:0 a.m.7 views

PT-2009-2296 · Symantec +1 · Symantec Altiris Deployment Solution +1

Name of the Vulnerable Software and Affected Versions: Symantec Altiris Deployment Solution versions prior to 6.9.355 SP1 Description: The issue allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack. This attack targets the CommandLine parameter ...

7.8CVSS8AI score0.01084EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2008/12/01 12:0 a.m.21 views

Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020) (deprecated)

Binary data 4772.prm...

7.8CVSS7.3AI score0.00248EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/11/25 12:0 a.m.35 views

Altiris Deployment Solution Agent < 6.9.355 Local Privilege Escalation (SYM08-019)

The version of the Altiris Deployment Solution Agent installed on the remote host is affected by a local privilege escalation issue. Successful exploitation of this issue could allow an authorized non-privileged user to gain local system access on the client system. C Tenable Network Security, In...

7.8CVSS7.4AI score0.01084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/11/25 12:0 a.m.36 views

Altiris Deployment Solution Server < 6.9.355 Password Disclosure (SYM08-020)

The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by a password disclosure vulnerability. Altiris Deployment Solution Server reportedly stores 'Application Identity Account password' in the system memory in plain-text. It may be possible for an...

7.8CVSS7.4AI score0.00248EPSS
Exploits0References2
seebug.org
seebug.org
added 2008/10/23 12:0 a.m.18 views

Symantec Altiris Deployment Solution明文口令漏洞

BUGTRAQ ID: 31767 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Symantec Altiris Deployment Solution代理在系统内存中以明文存储了安装期间所设置的Application Identity Account口令,授权访问Deployment Solution Server系统的非特权用户可以从系统内存检索这个口令,然后利用这个口令对客户端执行各种操作。 Symantec Altiris Deployment Solution 6.x...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2008/10/23 12:0 a.m.20 views

Symantec Altiris Deployment Solution客户端GUI本地权限提升漏洞

BUGTRAQ ID: 31766 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 Altiris客户端GUI的主窗口有一个隐藏按键,该按键的标题为“命令提示符”。点击这个按键会导致GUI试图用以下命令行参数调用CreateProcess: c:\Program Files\Altiris\AClient\cmd.exe...

6.9AI score
Exploits0
Symantec
Symantec
added 2008/10/20 8:0 a.m.13 views

Symantec Altiris Deployment Solution Elevation of Privilege Clear Text Password in Memory

SUMMARY An elevation of privilege issue via a privileged access password stored in memory has been identified and resolved in the Symantec Altiris Deployment Solution. Successful exploitation could potentially allow a non-privileged user with authorized access to the system hosting the Deployment...

0.3AI score
Exploits0Affected Software1
Symantec
Symantec
added 2008/10/20 8:0 a.m.19 views

Symantec Altiris Deployment Solution Local Access Elevation of Privilege in Client GUI

SUMMARY A local access elevation of privilege issue has been identified and resolved in the Symantec Altiris Deployment Solution Client GUI. Successful exploitation could result in unauthorized local system access on a client system. Severity Medium Remote Access adjacent network | No ---|--- Loc...

7.2AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2008/05/20 12:0 a.m.34 views

Insomnia : ISVA-080516.1 - Altiris Deployment Solution - SQL Injection

Insomnia Security Vulnerability Advisory: ISVA-080516.1 Name: Altiris Deployment Solution - SQL Injection Released: 16 May 2008 Vendor Link: http://www.altiris.com/ Affected Products: Altiris Deployment Solution 6.8.x & 6.9.x Original Advisory:...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2008/05/20 12:0 a.m.36 views

Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure

Insomnia Security Vulnerability Advisory: ISVA-080516.2 Name: Altiris Deployment Solution - Domain Account Disclosure Released: 16 May 2008 Vendor Link: http://www.altiris.com/ Affected Products: Altiris Deployment Solution 6.8.x & 6.9.x Original Advisory:...

7.5AI score
Exploits0
NVD
NVD
added 2008/05/18 2:20 p.m.23 views

CVE-2008-2288

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information...

3.6CVSS6.5AI score0.00341EPSS
Exploits0References7
Prion
Prion
added 2008/05/18 2:20 p.m.20 views

Improper access control

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information...

3.6CVSS7AI score0.00341EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder