Symantec Altiris Deployment Solution Aclient Local Privilege Escalation Vulnerability
BID:26265
Info
Symantec Altiris Deployment Solution Aclient Local Privilege Escalation Vulnerability
| Bugtraq ID: | 26265 |
| Class: | Design Error |
| CVE: |
CVE-2007-5838 |
| Remote: | No |
| Local: | Yes |
| Published: | Oct 30 2007 12:00AM |
| Updated: | Nov 15 2007 12:39AM |
| Credit: | Mazin Faour of Information Risk Management is credited with the discovery of this vulnerability. |
| Vulnerable: |
Symantec Altiris Deployment Solution 6.8 SP2 Symantec Altiris Deployment Solution 6.8 SP1 Symantec Altiris Deployment Solution 6.8 Symantec Altiris Deployment Solution 6.0 |
| Not Vulnerable: |
Symantec Altiris Deployment Solution 6.8.380.0 |
Discussion
Symantec Altiris Deployment Solution Aclient Local Privilege Escalation Vulnerability
Symantec Altiris Deployment Solution is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary files with 'System' privileges. Successful exploits will completely compromise affected computers.
Symantec Altiris Deployment Solution is prone to a local privilege-escalation vulnerability.
Attackers can exploit this issue to execute arbitrary files with 'System' privileges. Successful exploits will completely compromise affected computers.
Exploit / POC
Symantec Altiris Deployment Solution Aclient Local Privilege Escalation Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Symantec Altiris Deployment Solution Aclient Local Privilege Escalation Vulnerability
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
Solution:
The vendor has released an advisory and fixes to address this issue. Please see the references for more information.
References
Symantec Altiris Deployment Solution Aclient Local Privilege Escalation Vulnerability
References:
References:
- Altiris Home Page (Altiris)
- SYM07-026: Altiris Deployment Solution Elevation of Privilege (Symantec)