32 matches found
EUVD-2007-5530
Malware in sbrugna...
Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
No description provided by source. $Id: symantecaltirisdeploymentdownloadandinstall.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informati...
Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
No description provided by source. $Id: symantecaltirisdeploymentruncmd.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensi...
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow (CVE-2009-3031; CVE-2009-3033)
Symantec Altiris Deployment Solution software provides tools to deploy software on desktops and servers. It runs on Windows platforms, offering Operating System OS deployment, configuration, software deployment across hardware platforms and OS types, among other tasks. This product can be used...
Symantec AeXNSConsoleUtilities RunCmd buffer overflow
Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...
Symantec AeXNSConsoleUtilities RunCmd buffer overflow
Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...
Stack overflow
Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server NS 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3,...
Symantec Altiris产品ConsoleUtilities ActiveX控件栈溢出漏洞
BUGTRAQ ID: 36698 CVE ID: CVE-2009-3031 Symantec Altiris Deployment Solution是自动化的操作系统部署解决方案,用于从统一的位置部署和管理服务器、桌面和笔记本等。 在初次连接到Altiris Deployment Solution等产品管理服务器的Web控制台时会安装一个AeXNSConsoleUtilities.dll...
Symantec Altiris Deployment Solution ActiveX File Download (CVE-2009-3028)
The Symantec Altiris Deployment Solution software provides tools to deploy and configure software across hardware platforms and operating systems. A remote program execution vulnerability exists in Symantec Altiris Deployment Solution. The vulnerability is caused due to the Altiris.AeXNSPkgDL.1...
CVE-2009-3178
Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attackers to cause a denial of service via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.18, "Symantec Altiris Deployment Solution 6.9 DoS." NOTE: as of...
CVE-2009-3179
Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by 1 "Symantec Altiris Deployment...
CVE-2009-3179
Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by 1 "Symantec Altiris Deployment...
CVE-2009-3110
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does...
Symantec Altiris Deployment Solution Multiple Vulnerabilities
SUMMARY Symantecs Altiris Deployment Solution contains vulnerabilities that could potentially be leveraged for unauthorized file access or a denial of service on a client system, authentication bypass on the Server to local system-level access on a client system. AFFECTED PRODUCTS Product | Versi...
Command injection
The ListView control in the Client GUI AClient.exe in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to 1 overwrite the CommandLine...
CVE-2008-2288
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information...
CVE-2008-2291
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...
CVE-2008-2290
Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...
Command injection
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials...
CVE-2008-2286
CVE-2008-2286 describes an SQL injection in Symantec Altiris Deployment Solution (DS) via axengine.exe, affecting 6.8.x and 6.9.x before 6.9.176. The vulnerability allows remote execution of arbitrary SQL commands through crafted notification packets (Port 402/tcp), with network access and no aut...