PT-2009-5437 · Symantec · Symantec Altiris Deployment Solution

Publicado

2009-09-08

Atualizado

2013-02-07

CVE-2009-3110

CVSS v2.0

5.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Symantec Altiris Deployment Solution versions 6.9.x before 6.9 SP3 Build 430

Description: The issue is related to a race condition in the file transfer functionality. This allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.

Recommendations: For Symantec Altiris Deployment Solution versions 6.9.x before 6.9 SP3 Build 430, update to 6.9 SP3 Build 430 or later to resolve the issue.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

CVE-2009-3110

Produtos afetados

Symantec Altiris Deployment Solution

PT-2009-5437 · Symantec · Symantec Altiris Deployment Solution

CVE-2009-3110

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5