Detections
Analytics

Altiris Altiris.AeXNSPkgDL.1 ActiveX Control DownloadAndInstall() Method Arbitrary Code Execution

high Nessus Plugin ID 41062

Synopsis

The remote Windows host has an ActiveX control that allows execution of arbitrary code.

Description

The Altiris.AeXNSPkgDL.1 ActiveX control, a component of Altiris Deployment Solution, Altiris Notification Server, and Symantec Management Platform, is installed on the remote Windows host.

The installed version of this control provides an unsafe method, named 'DownloadAndInstall'.

If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, this issue could be leveraged to download and execute arbitrary code on the affected system subject to the user's privileges.

Solution

Either set the kill bit or apply the vendor's hotfix to upgrade the control to version 6.0.0.2000 or later.

See Also

http://www.nessus.org/u?81f3a7d5

http://www.nessus.org/u?a59109f4

http://www.symantec.com/business/support/index?page=content&id=TECH44885

Plugin Details

Severity: High

ID: 41062

File Name: altiris_aexnspkgdllib_activex_download.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 9/23/2009

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/23/2009

Vulnerability Publication Date: 9/9/2009

Exploitable With

CANVAS (D2ExploitPack)

Metasploit (Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute)

Reference Information

CVE: CVE-2009-3028

BID: 36346

CWE: 264

Secunia: 36679