Altiris Deployment Solution 6.9.x < 6.9.430 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5143
SynopsisThe remote Windows host is vulnerable to multiple attack vectors.
DescriptionThe version of Altiris Deployment Solution installed on the remote host is earlier than 6.9 SP3 Build 430. Such versions are potentially affected by multiple issues :
- An authentication bypass vulnerability when 'DBManager' authentication is used.
- An authentication-bypass vulnerability caused by a race condition when files are transfered from the server to a client.
A local privilege escalation vulnerability in the 'Aclient' client GUI.
- A race-condition exists in the 'AClient' client application that an attacker can exploit to execute malicious commands with SYSTEM-level privileges.
SolutionUpgrade to Altiris Deployment Solution 6.9 SP3 Build 430