CVE-2008-1754
First published: Fri Apr 11 2008(Updated: )
Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Altiris Deployment Solution | =6.8-sp1 | |
| Symantec Altiris Deployment Solution | =6.8.380 | |
| Symantec Altiris Deployment Solution | <=6.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html
- http://www.securityfocus.com/bid/28707
- http://www.securitytracker.com/id?1019825
- http://secunia.com/advisories/29771
- http://www.osvdb.org/44388
- http://www.vupen.com/english/advisories/2008/1197/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41771
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/symantec
- canonical/symantec altiris deployment solution
- version/symantec altiris deployment solution/6.8-sp1
- version/symantec altiris deployment solution/6.8.380
- version/symantec altiris deployment solution/6.8