Vulnerability Name:

CVE-2009-3109 (CCN-52797)

Assigned:2009-08-26
Published:2009-08-26
Updated:2013-02-07
Summary:Unspecified vulnerability in the AClient agent in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430, when key-based authentication is being used between a deployment server and a client, allows remote attackers to bypass authentication and execute arbitrary commands as SYSTEM by spoofing the deployment server and sending "alternate commands" before the handshake is completed.
CVSS v3 Severity:9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2009-3109

Source: CCN
Type: SA36502
Symantec Altiris Deployment Solution Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
36502

Source: CCN
Type: SECTRACK ID: 1022779
Symantec Altiris Deployment Solution Multiple Flaws Let Remote Users Modify the Configuration, Execute Arbitrary Commands, and Deny Service

Source: CCN
Type: OSVDB ID: 57460
Symantec Altiris Deployment Solution AClient Agent Handshake Race Condition Remote Authentication Bypass

Source: BID
Type: Patch
36112

Source: CCN
Type: BID-36112
Symantec Altiris Deployment Solution Authentication Handshake Race Condition Security Vulnerability

Source: SECTRACK
Type: UNKNOWN
1022779

Source: CCN
Type: SYM09-011
Symantec Altiris Deployment Solution Multiple Vulnerabilities

Source: CONFIRM
Type: UNKNOWN
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00

Source: XF
Type: UNKNOWN
symantec-ads-aclient-command-execution(52797)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*
  • OR cpe:/a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec altiris deployment solution 6.9
    symantec altiris deployment solution 6.9 sp1
    symantec altiris deployment solution 6.9 sp2
    symantec altiris deployment solution 6.9