Information Disclosure Vulnerability in Symantec Altiris Deployment Solution
CVE-2008-1754

Currently unrated

Key Information:

Vendor
Symantec
Status
Altiris Deployment Solution
Vendor
CVE Published:
11 April 2008

Summary

The Symantec Altiris Deployment Solution prior to version 6.9.164 exposes a security risk by storing the Deployment Solution Agent (AClient) password in cleartext within memory. This flaw enables local users to exploit this weakness and extract sensitive information by accessing the memory of the AClient.exe process.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41771
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/28707
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2008/1197/references
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.