Vulnerabilities > CVE-2007-5838 - Configuration vulnerability in Symantec Altiris Deployment Solution 6/6.8

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

symantec

CWE-16

nessus

NVD

Published: 2007-11-06

Updated: 2024-11-21

Summary

Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Altiris Deployment Solution 6.8 Symantec Altiris Deployment Solution 6	4

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

Nessus

NASL family	Windows
NASL id	ALTIRIS_6_8_380.NASL
description	The version of the Altiris Client Agent (aclient) installed on the remote host contains a flaw in its browser option whereby a local user can open or execute files on the affected host with SYSTEM privileges. It also contains a directory traversal vulnerability that allows a local user to read privileged system files.
last seen	2020-06-01
modified	2020-06-02
plugin id	27596
published	2007-10-31
reporter	This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27596
title	Altiris AClient < 6.8.380 Local Vulnerabilities

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References