Symantec Altiris Deployment Solution vulnerabilities

CVE-2010-0109 [MEDIUM] CWE-119 CVE-2010-0109: DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request.

CVE-2009-3028 [MEDIUM] CVE-2009-3028: The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.

CVE-2009-3033 [CRITICAL] CWE-119 CVE-2009-3033: Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.

CVE-2009-3031 [CRITICAL] CWE-119 CVE-2009-3031: Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtiliti Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP

CVE-2009-3179 [CRITICAL] CVE-2009-3179: Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) "Symantec Altiris Deployment Solution 6.9 exploit, (2) "Symantec Altiris Deployment Soluti

CVE-2009-3178 [HIGH] CVE-2009-3178: Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attack Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attackers to cause a denial of service via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.18, "Symantec Altiris Deployment Solution 6.9 DoS." NOTE: as of 20090909, this disclosure has no actionable information. However, bec

CVE-2009-3109 [CRITICAL] CVE-2009-3109: Unspecified vulnerability in the AClient agent in Symantec Altiris Deployment Solution 6.9.x before Unspecified vulnerability in the AClient agent in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430, when key-based authentication is being used between a deployment server and a client, allows remote attackers to bypass authentication and execute arbitrary commands as SYSTEM by spoofing the deployment server and sending "alternate commands

CVE-2009-3108 [HIGH] CWE-264 CVE-2009-3108: The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a cl The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions (Everyone:Full Control), which allows local users to gain privileges by replacing the executable with a Trojan horse program.

CVE-2009-3107 [MEDIUM] CWE-287 CVE-2009-3107: Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict acces Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.

CVE-2009-3110 [MEDIUM] CWE-362 CVE-2009-3110: Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x befo Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.

CVE-2008-6827 [HIGH] CWE-306 CVE-2008-6827: The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x bef The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modif

CVE-2008-6828 [HIGH] CWE-312 CVE-2008-6828: Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

CVE-2008-2286 [HIGH] CWE-89 CVE-2008-2286: SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

CVE-2008-2291 [HIGH] CWE-255 CVE-2008-2291: axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates creden axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

CVE-2008-2289 [HIGH] CWE-264 CVE-2008-2289: Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9 Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

CVE-2008-2290 [HIGH] CWE-264 CVE-2008-2290: Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

CVE-2008-2287 [HIGH] CWE-264 CVE-2008-2287: Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.

CVE-2008-2288 [LOW] CWE-264 CVE-2008-2288: Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

CVE-2008-1754 [LOW] CWE-310 CVE-2008-1754: Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClien Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

CVE-2008-1473 [HIGH] CWE-264 CVE-2008-1473: The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.16 The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.164 allows local users to gain privileges via a "Shatter" style attack.