CVE-2009-3035 - Credentials Management vulnerability in Symantec Altiris Notification Server 6.0

CVSS 4.3 - MEDIUM
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: SINGLE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL

Tags: local, low complexity, symantec, CWE-255, nessus

Summary

The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and possibly execute arbitrary code by decrypting and using these credentials.

Vulnerable Configurations

Part: Application
Description: Symantec
Count: 6

Common Weakness Enumeration (CWE)

Nessus

NASL family: Windows
NASL id: ALTIRIS_NOTIFICATION_SERVER_KB46763.NASL
description: The remote Windows host is running Symantec Altiris Notification Server 6.0 earlier than SP3 R12. Such versions are potentially affected by a local information disclosure vulnerability because the application uses a static encryption key for encrypted credentials entered by an administrator.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 44339
published: 2010-01-29
reporter: This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/44339
title: Altiris Notification Server Static Encryption Key (KB46763)