SYM08-019
October 20, 2008
Symantec Altiris Deployment Solution Local Access Elevation of Privilege in Client GUI

Revision History
None

Severity
Medium

Remote AccessNo
Local AccessYes
Authentication RequiredYes
Exploit publicly availableNo

Overview
A local access elevation of privilege issue has been identified and resolved in the Symantec Altiris Deployment Solution Client GUI. Successful exploitation could result in unauthorized local system access on a client system.

Affected Product(s)
ProductVersionBuildSolution(s)
Altiris Deployment Solution6.XAll6.9.355 SP1

Details
Brett Moore, Insomnia Security, identified Altiris Deployment Solution agents as susceptible to a privilege escalation vulnerability taking advantage of windows messaging to bypass client security settings in the Client GUI. Successful exploitation could lead to an authorized but non-privileged user potentially leveraging local system access on the targeted client system.

Symantec Response
Symantec engineers have verified and resolved this issue in Altiris Deployment Solution 6.9 SP1. Updates are available as follows:

Unzip the update package and double-click on the install file. Follow the installation instructions

Best Practices
As part of normal best practices, Symantec strongly recommends:

References
SecurityFocus, http://www.securityfocus.com, has assigned a Bugtraq ID(BID31766) to this issues for inclusion in the SecurityFocus vulnerability data base.

CVE
A CVE Candidate name will be requested from the Common Vulnerabilities and Exposures (CVE) initiative for this issue. This advisory will be revised accordingly upon receipt of the CVE Candidate name. This issue is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems

Credit
Symantec would like to thank Brett Moore, Insomnia Security, for reporting this issue and providing full coordination while Symantec resolved it.


Last modified on: