Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1754

Overview

Vulnerability Score 1.7 1.7
CVE Id CVE-2008-1754
Last Modified 07 Mar 2011 10:07:35
Published 11 Apr 2008 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-1754

Summary

Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

Vulnerable Systems

Application

  • Symantec Altiris Deployment Solution 6.8

  • Symantec Altiris Deployment Solution 6.8.380


References

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html

XF - altiris-agent-aclient-info-disclosure(41771)

VUPEN - ADV-2008-1197

SECTRACK - 1019825

BID - 28707

OSVDB - 44388

SECUNIA - 29771


Last Updated: 27 May 2016 10:47:38