CVE-2009-3107

Published: Sep 8, 2009Modified: Apr 23, 2026

4.8

Vector

AV:A/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 6.5 / Impact: 4.9

Source: NVD

Description

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.

Affected (3)

Products: Symantec: Altiris Deployment Solution

1 product

Altiris Deployment Solution

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Symantec Altiris Deployment Solution	Version 6.9
Symantec Altiris Deployment Solution	Version 6.9 sp1
Symantec Altiris Deployment Solution	Version 6.9 sp2

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (8)

http://secunia.com/advisories/36502

Source: cve@mitre.org

Broken LinkVendor Advisory

http://www.securityfocus.com/bid/36110

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1022779

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00

Source: cve@mitre.org

Broken Link

http://secunia.com/advisories/36502

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkVendor Advisory

http://www.securityfocus.com/bid/36110

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1022779

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.