The remote Windows host has a program that is affected by multiple vulnerabilities.
The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by several issues : - A SQL injection vulnerability that could allow a user to run arbitrary code (CVE-2008-2286). - A remote attacker may be able to obtain encrypted Altiris Deployment Solution domain credentials without authentication (CVE-2008-2291). - A local user could leverage a GUI tooltip to access a privileged command prompt (CVE-2008-2289). - A local user can modify or delete several registry keys used by the application, resulting in unauthorized access to system information or disruption of service (CVE-2008-2288). - A local user with access to the install directory of Deployment Solution could replace application components, which might then run with administrative privileges on an affected system (CVE-2008-2287).
Upgrade to Altiris Deployment Solution 6.9.176 or later and update Agents.