Vulnerability Description
Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Altiris Deployment Solution | <= 6.8 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29771Vendor Advisory
- http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.htmlPatch
- http://www.osvdb.org/44388
- http://www.securityfocus.com/bid/28707
- http://www.securitytracker.com/id?1019825
- http://www.vupen.com/english/advisories/2008/1197/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41771
- http://secunia.com/advisories/29771Vendor Advisory
- http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.htmlPatch
- http://www.osvdb.org/44388
- http://www.securityfocus.com/bid/28707
- http://www.securitytracker.com/id?1019825
- http://www.vupen.com/english/advisories/2008/1197/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41771
FAQ
What is CVE-2008-1754?
CVE-2008-1754 is a vulnerability with a CVSS score of 1.7 (LOW). Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dump...
How severe is CVE-2008-1754?
CVE-2008-1754 has been rated LOW with a CVSS base score of 1.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1754?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Altiris Deployment Solution.