Vulnerabilities > CVE-2009-3035 - Credentials Management vulnerability in Symantec Altiris Notification Server 6.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and possibly execute arbitrary code by decrypting and using these credentials.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Windows |
| NASL id | ALTIRIS_NOTIFICATION_SERVER_KB46763.NASL |
| description | The remote Windows host is running Symantec Altiris Notification Server 6.0 earlier than SP3 R12. Such versions are potentially affected by a local information disclosure vulnerability because the application uses a static encryption key for encrypted credentials entered by an administrator. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 44339 |
| published | 2010-01-29 |
| reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/44339 |
| title | Altiris Notification Server Static Encryption Key (KB46763) |
References
- http://osvdb.org/62010
- http://secunia.com/advisories/38356
- http://www.securityfocus.com/bid/37953
- http://www.securitytracker.com/id?1023521
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100128_00
- http://www.vupen.com/english/advisories/2010/0256
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55952