SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Generic)  >   Symantec Altiris Deployment Solution Vendors:   Symantec
Symantec Altiris Deployment Solution Lets Remote Users Inject SQL Commands and Local Users Obtain Elevated Privileges
SecurityTracker Alert ID:  1020024
SecurityTracker URL:  http://securitytracker.com/id/1020024
CVE Reference:   CVE-2008-2286, CVE-2008-2287, CVE-2008-2288, CVE-2008-2289, CVE-2008-2290, CVE-2008-2291   (Links to External Site)
Updated:  Jun 3 2008
Original Entry Date:  May 14 2008
Impact:   Disclosure of authentication information, Execution of arbitrary code via network, Modification of user information, Root access via local system, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 6.9.176
Description:   Several vulnerabilities were reported in Symantec Altiris Deployment Solution. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system.

A remote user can supply specially crafted data to inject SQL commands and execute arbitrary code on the target system.

A remote user can obtain encrypted Altiris Deployment Solution domain credentials and then exploit a weakness in the encryption to obtain the credentials.

A local user can exploit flaws in the agent user interface and a common graphical user interface element (tooltip) to access a privileged command prompt.

A local user may be able to modify or delete certain registry keys.

A local user with access to the installation directory can replace application code in that directory and then cause the code to run with administrative privileges.

Brett Moore of Insomnia Security reported some of these vulnerabilities via 3Com ZDI. Alex Hernandez of sybsecurity.com and Eduardo Vela reported some of these vulnerabilities.

Impact:   A remote user can execute arbitrary code on the target system.

A local user can modify registry entries.

A local user can obtain elevated privileges on the target system.

Solution:   The vendor has issued a fixed version (6.9.176).

The vendor's advisory is available at:

http://securityresponse.symantec.com/avcenter/security/Content/2008.05.14a.html

Vendor URL:  securityresponse.symantec.com/avcenter/security/Content/2008.05.14a.html (Links to External Site)
Cause:   Access control error, Input validation error
Underlying OS:   Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 17 2008 (HP Issues Fix for HP ProLiant Essentials Rapid Deployment Pack) Symantec Altiris Deployment Solution Lets Remote Users Inject SQL Commands and Local Users Obtain Elevated Privileges   (security-alert@hp.com)
HP has released a fix for HP ProLiant Essentials Rapid Deployment Pack (RDP).



 Source Message Contents

Date:  Wed, 14 May 2008 19:03:47 -0400
Subject:  Altiris Deployment Solution Multiple Vulnerabilities


http://securityresponse.symantec.com/avcenter/security/Content/2008.05.14a.html
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC