Symantec Altiris Deployment Solution Local Privilege Escalation Vulnerability

Bugtraq ID:	25232
Class:	Unknown
CVE:	CVE-2007-4380 CVE-2007-5555
Remote:	No
Local:	Yes
Published:	Aug 13 2007 12:00AM
Updated:	Jul 05 2016 10:00PM
Credit:	Andy Davis of Information Risk Management is credited with the discovery of this vulnerability.
Vulnerable:	Symantec Altiris Deployment Solution 6.8 SP1 Symantec Altiris Deployment Solution 6.8 Symantec Altiris Deployment Solution 6.0
Not Vulnerable:	Symantec Altiris Deployment Solution 6.8 SP2

Symantec Altiris Deployment Solution Local Privilege Escalation Vulnerability

Symantec Altiris Deployment Solution is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary commands with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

Symantec Altiris Deployment Solution Local Privilege Escalation Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Symantec Altiris Deployment Solution Local Privilege Escalation Vulnerability

Solution:
The vendor released an update to address this issue. Please see the references for more information.


Symantec Altiris Deployment Solution 6.0

• Symantec Deployment Solutions for Servers 6.8 SP2
  http://www.altiris.com/download.aspx

Symantec Altiris Deployment Solution 6.8 SP1

• Symantec Deployment Solutions for Servers 6.8 SP2
  http://www.altiris.com/download.aspx

Symantec Altiris Deployment Solution 6.8

• Symantec Deployment Solutions for Servers 6.8 SP2
  http://www.altiris.com/download.aspx

Symantec Altiris Deployment Solution Local Privilege Escalation Vulnerability

References:

• Altiris Deployment Solution Homepage (Symantec)
  
• SYM07-022 Altiris Deployment Solution Elevation of Privilege (Symantec)