SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   Symantec Altiris Deployment Solution Vendors:   Symantec
Symantec Altiris Deployment Solution Multiple Flaws Let Remote Users Modify the Configuration, Execute Arbitrary Commands, and Deny Service
SecurityTracker Alert ID:  1022779
SecurityTracker URL:  http://securitytracker.com/id/1022779
CVE Reference:   CVE-2009-3107, CVE-2009-3108, CVE-2009-3109, CVE-2009-3110   (Links to External Site)
Updated:  Sep 10 2009
Original Entry Date:  Aug 26 2009
Impact:   Denial of service via network, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of system information, Modification of user information, Root access via network, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 6.9.x prior to 6.9 SP3 Build 430
Description:   Several vulnerabilities were reported in Symantec Altiris Deployment Solution. A remote user can modify the configuration and execute arbitrary commands on the target system. A remote user can cause denial of service conditions. A local user can obtain elevated privileges on the target system.

A remote user can bypass authentication and supply commands to the DBManager to modify the Altiris Database. The remote user can add or remove users and access or modify currently scheduled tasks, affecting managed clients.

A local user can modify the Aclient GUI software to include arbitrary code. When the target user subsequently runs the GUI, the arbitrary code will be executed with the privileges of the target user.

A remote user can bypass authentication between the AClient agent and the deployment server (just prior to the authentication handshake) to execute arbitrary commands on the target agent system. The commands will run with System privileges.

A remote user can exploit a race condition to download files to the target client system. Affected client systems will fail to receive certain updates.

Luke Jennings of MWRInfosecurity reported these vulnerabilities.
Impact:   A remote user can modify the Altiris Database.

A local user can obtain elevated privileges on the target client system.

A remote user can cause client systems to fail to receive certain updates.

A remote user can execute arbitrary commands on the target system with System level privileges.
Solution:   The vendor has issued a fix (6.9 SP3 Build 430).

The vendor's advisory is available at:

http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00
Vendor URL:  www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00 (Links to External Site)
Cause:   Access control error, Configuration error, State error
Underlying OS:   Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Wed, 26 Aug 2009 14:09:08 -0400
Subject:  Symantec Altiris Deployment Solution Multiple Vulnerabilities


SYM09-011

http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC