14 maggio 2008


Security Focus (http://www.securityfocus.com) riporta una collezione di bug in Symantec Altiris Deployment Solution che portano ad attacchi di tipo privilege escalation, accesso non autorizzato al sistema, esecuzione arbiotraria di codice dannoso e SQL-injection.
Di seguito maggiori info:

- Symantec Altiris Deployment Solution Unspecified SQL Injection Vulnerability (http://www.securityfocus.com/bid/29198/info)
- Symantec Altiris Deployment Solution Install Directory Local Privilege Escalation Vulnerability (http://www.securityfocus.com/bid/29197/info)
- Symantec Altiris Deployment Solution Registry Keys Local Unauthorized Access Vulnerability (http://www.securityfocus.com/bid/29196/info)
- Symantec Altiris Deployment Solution Agent User Interface Local Privilege Escalation Vulnerability (http://www.securityfocus.com/bid/29194/info)
- Symantec Altiris Deployment Solution Domain Credential Unauthorized Access Vulnerability (http://www.securityfocus.com/bid/29199/info)


Fonte: SecurityFocus (http://www.securityfocus.com)

ripreso da Secunia:

http://secunia.com/advisories/30261/