CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2008-2291 – Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2008-2291
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials. axengine.exe en Symantec Altiris Deployment Solution 6.8.x y 6.9.x en versiones anteriores a 6.9.176 genera credenciales con un sal fijado o sin sal, lo que hace que sea más fácil para atacantes remotos adivinar las credenciales de dominio cifradas. This vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of Symantec Altiris Deployment Solution. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the axengine.exe service listening by default on TCP port 402. The service allows a remote client to request encrypted domain credentials without authentication. • http://marc.info/?l=bugtraq&m=122167472229965&w=2 http://secunia.com/advisories/30261 http://www.insomniasec.com/advisories/ISVA-080516.2.htm http://www.securityfocus.com/archive/1/492128/100/0/threaded http://www.securityfocus.com/archive/1/492228/100/0/threaded http://www.securityfocus.com/bid/29199 http://www.securitytracker.com/id?1020024 http://www.symantec.com/avcenter/security/Content/2008.05.14a.html http://www.vupen.com/english/advisories/2008/1542/references http • CWE-255: Credentials Management Errors •
CVSS: 1.7EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1754
https://notcve.org/view.php?id=CVE-2008-1754
Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory. Symantec Altiris Deployment Solution anterior a 6.9.164 almacena en memoria las contraseñas de Deployment Solution Agent (aka AClient) en texto claro, el cual permite a los usuarios locales obtener información sensible volcando el proceso de memoria AClient.exe. • http://secunia.com/advisories/29771 http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html http://www.osvdb.org/44388 http://www.securityfocus.com/bid/28707 http://www.securitytracker.com/id?1019825 http://www.vupen.com/english/advisories/2008/1197/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41771 • CWE-310: Cryptographic Issues •
CVSS: 9.3EPSS: 65%CPEs: 13EXPL: 0CVE-2007-6020
https://notcve.org/view.php?id=CVE-2007-6020
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file. Múltiples desbordamientos de búfer basados en pila en foliosr.dll en el lector rápido Folio Flat File de Autonomy (anteriormente Verity) KeyView 10.3.0.0, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, permiten a atacentes remotos ejecutar código de su eleccióna través de un valor largo en los atributos de las etiquetas (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS en un fichero .fff. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-104/advisory http://secunia.com/secunia_research/2007-105/advisory http://secunia.com/secunia_research/2007-106/advisory http://secunia.com/secunia_research/2007-107/advisory http://securitytracker.com/id?1019805 http://www-1.ibm.com/support/docview.wss?rs=463 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 80%CPEs: 14EXPL: 0CVE-2007-5405
https://notcve.org/view.php?id=CVE-2007-5405
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag. Múltiples desbordamientos de búfer en kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView,usado por IBM Lotus Notes, Symantec Mail Security, y activePDF DocConverter, permite a atacantes remotos ejecutar código de su elección a través de un archivo .ag con (1)un atributo ENCODING largo en la etiqueta *BEGIN, (2) un token largo, o (3) la etiqueta inicial *BEGIN. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-95/advisory http://secunia.com/secunia_research/2007-96/advisory http://secunia.com/secunia_research/2007-97/advisory http://secunia.com/secunia_research/2007-98/advisory http://securitytracker.com/id?1019805 http://www-1.ibm.com/support/docview.wss?rs=463& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 33%CPEs: 11EXPL: 0CVE-2007-5406
https://notcve.org/view.php?id=CVE-2007-5406
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, no parsea adecuadamente los token largos, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y CPU) a través de un fichero .ag manipulado. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-95/advisory http://secunia.com/secunia_research/2007-96/advisory http://secunia.com/secunia_research/2007-97/advisory http://secunia.com/secunia_research/2007-98/advisory http://securitytracker.com/id?1019805 http://www.securityfocus.com/archive/1/490825/100/0& •