SYM008-008
March 10, 2008
Symantec Altiris Deployment Server Escalation of Privileges

Revision History
None

Severity
Medium

Remote AccessNo
Local AccessYes
Authentication RequiredYes
Exploit publicly availableNo

Overview
An escalation of privilege vulnerability in the Symantec Altiris Deployment Solution Agent (AClient.exe) has been resolved.

Affected Product(s)
ProductVersionBuildSolution(s)
Altiris Deployment Solution 6.8.xAll6.9.164

Details
The Symantec Altiris Deployment Server Agents are susceptible to privilege escalation vulnerability, commonly known as a shatter attack, which can lead to unauthorized privileged access. This attack is limited to users with login access to systems running the Symantec Altiris Deployment Solution Agent (AClient.exe).

Symantec Response
Symantec engineers have verified and resolved this vulnerability. The following steps are required for remediation of this security issue:

Best Practices
As part of normal best practices, Symantec strongly recommends:

References
SecurityFocus, http://www.securityfocus.com, has assigned a Bugtraq ID(BID) to this issue for inclusion in the SecurityFocus vulnerability data base. The BID assigned is 28110 which can be found at http://www.securityfocus.com/bid/28110.

Credit
Symantec would like to thank Brett Moore of Insomnia Security for reporting this issue and for providing full coordination while Symantec resolved it.


Last modified on: