CVE-2009-3107

Sažetak

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.

Reference

http://secunia.com/advisories/36502
http://www.securityfocus.com/bid/36110
http://www.securitytracker.com/id?1022779
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00

CVSS

Base:	4.8
Impact:	4.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:A/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

13-02-2024 - 17:38

Objavljeno

08-09-2009 - 23:30