This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote Windows host has a deployment server that is affected by
The version of Altiris Deployment Solution installed on the remote
host is reportedly affected by the following vulnerabilities :
- DBManager authentication can by bypassed. A remote
attacker could exploit this to execute arbitrary database
- The Aclient GUI has a privilege escalation vulnerability.
This could allow an unprivileged user to compromise the
- When key-based authentication is being used, it is possible
to issue commands to an agent before the handshake is
completed. A malicious server could exploit this to execute
arbitrary commands as SYSTEM. (CVE-2009-3109)
- Due to a race condition, a malicious user could intercept
a file transfer meant for a legitimate client. This could
result in the disclosure of sensitive information, or a denial
of service. (CVE-2009-3110)
See also :
Upgrade to Altiris Deployment Solution Server 6.9.430 or later.
Risk factor :
High / CVSS Base Score : 7.9
CVSS Temporal Score : 5.8
Public Exploit Available : false
Nessus Plugin ID: 43828 (altiris_deployment_solution_server_6_9_430.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now