Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
References
Link | Resource |
---|---|
http://www.securitytracker.com/id?1021072 | |
http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html | Patch Vendor Advisory |
http://www.vupen.com/english/advisories/2008/2876 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/31767 | |
http://secunia.com/advisories/31773 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/46007 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2009-06-08 12:30
Updated : 2017-08-16 18:29
NVD link : CVE-2008-6828
Mitre link : CVE-2008-6828
JSON object : View
CWE
CWE-310
Cryptographic Issues
Products Affected
symantec
- altiris_deployment_solution