Altiris Deployment Solution Aclient Process (aclient.exe) Log File Viewer Local Privilege Escalation

High Nessus Plugin ID 25904


The remote Windows host has a program that is prone to a local privilege escalation attack.


The version of the Altiris Client Agent (aclient) installed on the remote host reportedly contains a flaw whereby local users can use the Log File Viewer to open or execute files on the affected host with SYSTEM privileges.


Upgrade to Altiris Deployment Solution 6.8 SP2 or later.

See Also

Plugin Details

Severity: High

ID: 25904

File Name: altiris_log_file_viewer_priv_escalation.nasl

Version: $Revision: 1.10 $

Type: local

Agent: windows

Family: Windows

Published: 2007/08/17

Modified: 2015/01/12

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2007-4380

BID: 25232

OSVDB: 44701