Altiris Deployment Solution@6.8 Security Vulnerabilities and Issues — Altiris Deployment Solution@6.8 CVE List

Lucene search

SymantecAltiris Deployment Solution6.8

9 matches found

CVE•added 2007/11/06 7:46 p.m.•41 views

CVE-2007-5838

Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380.

7.2CVSS6.5AI score0.00071EPSS

CVE•added 2008/05/18 2:20 p.m.•41 views

CVE-2008-2286

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

7.5CVSS8.2AI score0.39749EPSS

CVE•added 2008/05/18 2:20 p.m.•36 views

CVE-2008-2291

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

7.5CVSS6.6AI score0.02166EPSS

CVE•added 2008/05/18 2:20 p.m.•34 views

CVE-2008-2289

Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.4AI score0.00067EPSS

CVE•added 2008/04/11 9:5 p.m.•33 views

CVE-2008-1754

Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

1.7CVSS5.9AI score0.00083EPSS

CVE•added 2008/03/24 10:44 p.m.•32 views

CVE-2008-1473

The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.164 allows local users to gain privileges via a "Shatter" style attack.

7.2CVSS6.5AI score0.00077EPSS

CVE•added 2008/05/18 2:20 p.m.•31 views

CVE-2008-2287

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.

7.2CVSS6.5AI score0.00067EPSS

CVE•added 2008/05/18 2:20 p.m.•30 views

CVE-2008-2290

Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.5AI score0.00067EPSS

CVE•added 2008/05/18 2:20 p.m.•29 views

CVE-2008-2288

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

3.6CVSS6.5AI score0.00089EPSS