---------------------------------------------------------------------- Secunia Network Software Inspector 2.0 (NSI) - Public Beta The Public Beta has ended. Thanks to all that participated. Learn more: http://secunia.com/network_software_inspector_2/ ---------------------------------------------------------------------- TITLE: Symantec Altiris Deployment Solution Multiple Vulnerabilities SECUNIA ADVISORY ID: SA30261 VERIFY ADVISORY: http://secunia.com/advisories/30261/ CRITICAL: Moderately critical IMPACT: Manipulation of data, Exposure of sensitive information, Privilege escalation, System access WHERE: >From local network SOFTWARE: Altiris Deployment Solution 6.x http://secunia.com/product/4070/ DESCRIPTION: Some vulnerabilities and security issues have been reported in Symantec Altiris Deployment Solution, which can be exploited by malicious, local users to gain escalated privileges or manipulate certain data, and by malicious people to disclose sensitive information, conduct SQL injection attacks, and to compromise a vulnerable system. 1) Input passed via unspecified parameters is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows execution of arbitrary code on an affected system. 2) An unspecified error can be exploited to request and obtain encrypted Altiris Deployment Solution domain credentials without authentication. NOTE: Weaknesses in the encryption can potentially result in the unauthorized exposure of these domain credentials. 3) An unspecified error can be exploited to access a privileged command prompt via the user interface of the Altiris Deployment Solution Agent. 4) An unspecified error can be exploited to access a command prompt running with escalated user privileges via a common graphical user interface element (tooltip). 5) Several registry keys are created with improper permissions, which can be exploited to modify or delete these registry keys. 6) Improper permissions can potentially be exploited to replace application components within the installation directory of Deployment Solution, which run with administrative privileges on an affected system. The vulnerabilities and security issues are reported in version 6.8.x and 6.9.x prior to build 6.9.176. SOLUTION: Update to version 6.9.176 or install hotfix (KB 41418): http://kb.altiris.com/ Note: This hotfix requires a rollout of upgraded DS Agent software. PROVIDED AND/OR DISCOVERED BY: 1, 2) The vendor credits Brett Moore of Insomnia Security, working with ZDI. 3 - 6) The vendor credits Alex Hernandez of sybsecurity.com and Eduardo Vela. ORIGINAL ADVISORY: SYM008-012: http://securityresponse.symantec.com/avcenter/security/Content/2008.05.14a.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------