Vulnerabilities > CVE-2008-2291 - Credentials Management vulnerability in Symantec Altiris Deployment Solution 6.8
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows |
NASL id | ALTIRIS_DEPLOYMENT_SERVER_6_9_176.NASL |
description | The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by several issues : - A SQL injection vulnerability that could allow a user to run arbitrary code (CVE-2008-2286). - A remote attacker may be able to obtain encrypted Altiris Deployment Solution domain credentials without authentication (CVE-2008-2291). - A local user could leverage a GUI tooltip to access a privileged command prompt (CVE-2008-2289). - A local user can modify or delete several registry keys used by the application, resulting in unauthorized access to system information or disruption of service (CVE-2008-2288). - A local user with access to the install directory of Deployment Solution could replace application components, which might then run with administrative privileges on an affected system (CVE-2008-2287). |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 32323 |
published | 2008-05-15 |
reporter | This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/32323 |
title | Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities |
code |
|
References
- http://marc.info/?l=bugtraq&m=122167472229965&w=2
- http://secunia.com/advisories/30261
- http://www.insomniasec.com/advisories/ISVA-080516.2.htm
- http://www.securityfocus.com/archive/1/492128/100/0/threaded
- http://www.securityfocus.com/archive/1/492228/100/0/threaded
- http://www.securityfocus.com/bid/29199
- http://www.securitytracker.com/id?1020024
- http://www.symantec.com/avcenter/security/Content/2008.05.14a.html
- http://www.vupen.com/english/advisories/2008/1542/references
- http://www.zerodayinitiative.com/advisories/ZDI-08-025/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42437