PT-2009-5437 · Symantec · Symantec Altiris Deployment Solution

Published

2009-09-08

Updated

2013-02-07

CVE-2009-3110

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Symantec Altiris Deployment Solution versions 6.9.x before 6.9 SP3 Build 430

Description: The issue is related to a race condition in the file transfer functionality. This allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.

Recommendations: For Symantec Altiris Deployment Solution versions 6.9.x before 6.9 SP3 Build 430, update to 6.9 SP3 Build 430 or later to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2009-3110

Affected Products

Symantec Altiris Deployment Solution

PT-2009-5437 · Symantec · Symantec Altiris Deployment Solution

CVE-2009-3110

Weakness Enumeration

Related Identifiers

Affected Products

References · 5