PT-2004-3512 · Symantec · Altiris Deployment Solution
Published: 2004-12-31 · Updated: 2017-07-20 · CVE-2004-2622
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Altiris Deployment Solution versions 5.x through 6.x
Description
AClient.exe lacks required authentication, which allows a remote malicious server to gain administrator access if it is the first Deployment Server that AClient.exe connects to.
Recommendations
For Altiris Deployment Solution versions 5.x through 6.x, consider implementing additional authentication mechanisms to ensure that only authorized Deployment Servers can connect to AClient.exe. As a temporary workaround, restrict access to AClient.exe to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
Altiris Deployment Solution