Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1590

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-1590
Last Modified 05 Sep 2008 04:49:33
Published 16 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-1590

Summary

The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070.

Vulnerable Systems

Application

  • Altiris Client Service 6.0.88

  • Altiris Deployment Solution 5.6

  • Altiris Deployment Solution 5.6.181

  • Altiris Deployment Solution 6.0


References

OSVDB - 15897

SECUNIA - 15159

FULLDISC - 20050427 Privilege escalation and password protection bypass in Altiris Client Service for Windows (Version 6.0.88)


Last Updated: 27 May 2016 10:40:13