Information Disclosure Vulnerability in Symantec Altiris Deployment Solution
CVE-2008-1754

Currently unrated

Key Information:

Vendor: Symantec
Status: Altiris Deployment Solution
Vendor: CVE Published:; 11 April 2008

What is CVE-2008-1754?

The Symantec Altiris Deployment Solution prior to version 6.9.164 exposes a security risk by storing the Deployment Solution Agent (AClient) password in cleartext within memory. This flaw enables local users to exploit this weakness and extract sensitive information by accessing the memory of the AClient.exe process.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41771

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/28707

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/1197/references

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 11, 2008
Vulnerability Reserved
Apr 11, 2008