CVE-2008-1754

Published: Apr 11, 2008Modified: Apr 23, 2026

1.7

Vector

AV:L/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 3.1 / Impact: 2.9

Source: NVD

Description

Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

Affected (3)

Products: Symantec: Altiris Deployment Solution

Symantec

1 product

Altiris Deployment Solution

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Symantec Altiris Deployment Solution	Up to 6.8
Symantec Altiris Deployment Solution	Version 6.8.380
Symantec Altiris Deployment Solution	Version 6.8 sp1

Related CWEs

CWE-310

References (14)

http://secunia.com/advisories/29771

Source: cve@mitre.org

Vendor Advisory

http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html

Source: cve@mitre.org

Patch

http://www.osvdb.org/44388

Source: cve@mitre.org

http://www.securityfocus.com/bid/28707

Source: cve@mitre.org

http://www.securitytracker.com/id?1019825

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1197/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41771

Source: cve@mitre.org

http://secunia.com/advisories/29771