VYPR

Deployment Solution

by Symantec

CVEs (30)

  • CVE-2008-2289May 18, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

  • CVE-2008-2288May 18, 2008
    risk 0.00cvss epss 0.00

    Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

  • CVE-2008-2291May 18, 2008
    risk 0.00cvss epss 0.04

    axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

  • CVE-2008-1754Apr 11, 2008
    risk 0.00cvss epss 0.00

    Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

  • CVE-2008-1473Mar 24, 2008
    risk 0.00cvss epss 0.00

    The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.164 allows local users to gain privileges via a "Shatter" style attack.

  • CVE-2007-5838Nov 6, 2007
    risk 0.00cvss epss 0.00

    Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380.

  • CVE-2007-3874Nov 6, 2007
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2007-5555Oct 18, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague…

  • CVE-2007-4380Aug 16, 2007
    risk 0.00cvss epss 0.00

    Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer.

  • CVE-2004-2622Dec 31, 2004
    risk 0.00cvss epss 0.03

    AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access.

Page 2 of 2