CVE-2008-2287
https://notcve.org/view.php?id=CVE-2008-2287
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse. Symantec Altiris Deployment Solution 6.8.x y 6.9.x anterior a 6.9.176 no protege correctamente el directorio install, lo que podría permitir a usuarios locales obtener privilegios reemplazando un componente de una aplicación por un troyano. • http://marc.info/?l=bugtraq&m=122167472229965&w=2 http://secunia.com/advisories/30261 http://www.securityfocus.com/bid/29197 http://www.securitytracker.com/id?1020024 http://www.symantec.com/avcenter/security/Content/2008.05.14a.html http://www.vupen.com/english/advisories/2008/1542/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42442 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-2286 – Symantec Altiris Deployment Solution SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2008-2286
SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet. Vulnerabilidad de inyección SQL en axengine.exe en Symantec Altiris Deployment Solution 6.8.x y 6.9.x en versiones anteriores a 6.9.176 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de campos de cadena no especificado en un paquete de notificación. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe process listening by default on TCP port 402. A lack of proper sanitation while parsing requests allows for a remote attacker to inject arbitrary SQL statements into the database. • https://www.exploit-db.com/exploits/29552 http://marc.info/?l=bugtraq&m=122167472229965&w=2 http://osvdb.org/show/osvdb/45313 http://secunia.com/advisories/30261 http://www.exploit-db.com/exploits/29552 http://www.securityfocus.com/archive/1/492127/100/0/threaded http://www.securityfocus.com/archive/1/492229/100/0/threaded http://www.securityfocus.com/bid/29198 http://www.securitytracker.com/id?1020024 http://www.symantec.com/avcenter/security/Content/2008.05.14a • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-2291 – Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2008-2291
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials. axengine.exe en Symantec Altiris Deployment Solution 6.8.x y 6.9.x en versiones anteriores a 6.9.176 genera credenciales con un sal fijado o sin sal, lo que hace que sea más fácil para atacantes remotos adivinar las credenciales de dominio cifradas. This vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe service listening by default on TCP port 402. The service allows a remote client to request encrypted domain credentials without authentication. • http://marc.info/?l=bugtraq&m=122167472229965&w=2 http://secunia.com/advisories/30261 http://www.insomniasec.com/advisories/ISVA-080516.2.htm http://www.securityfocus.com/archive/1/492128/100/0/threaded http://www.securityfocus.com/archive/1/492228/100/0/threaded http://www.securityfocus.com/bid/29199 http://www.securitytracker.com/id?1020024 http://www.symantec.com/avcenter/security/Content/2008.05.14a.html http://www.vupen.com/english/advisories/2008/1542/references http • CWE-255: Credentials Management Errors •