CVE-2008-1754

Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:altiris_deployment_solution:*:sp2:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.8.380:*:*:*:*:*:*:*

History

21 Nov 2024, 00:45

Type Values Removed Values Added
References () http://secunia.com/advisories/29771 - Vendor Advisory () http://secunia.com/advisories/29771 - Vendor Advisory
References () http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html - Patch () http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html - Patch
References () http://www.osvdb.org/44388 - () http://www.osvdb.org/44388 -
References () http://www.securityfocus.com/bid/28707 - () http://www.securityfocus.com/bid/28707 -
References () http://www.securitytracker.com/id?1019825 - () http://www.securitytracker.com/id?1019825 -
References () http://www.vupen.com/english/advisories/2008/1197/references - () http://www.vupen.com/english/advisories/2008/1197/references -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/41771 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/41771 -

Information

Published : 2008-04-11 21:05

Updated : 2024-11-21 00:45


NVD link : CVE-2008-1754

Mitre link : CVE-2008-1754

CVE.ORG link : CVE-2008-1754


JSON object : View

Products Affected

symantec

  • altiris_deployment_solution
CWE
CWE-310

Cryptographic Issues