Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=619
Vulnerable Systems:
* Altiris Deployment Solution for Windows version 6.8 (pxemtftp.exe version 6.8.8297.48)
Immune Systems:
*
Altiris Deployment Solution includes a tftp/mtftp server within its optional PXE server component which suffers from a directory traversal condition. The server runs with SYSTEM level privileges and allows unauthenticated attackers to download any file on the system.
Analysis:
Exploitation allows attackers to read arbitrary files from the server machine. The tftp/mtftp daemon runs with SYSTEM level privileges, so any file readable by SYSTEM with a known file path can be downloaded without authentication.
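The check a TFTP server needs before opening a requested file, as an added example (not code from iDefense, Symantec, or the product): it parses a standard RFC 1350 read request and confines the filename to the served directory using Windows path rules. The root path, function names, and sample payloads are assumptions; the advisory does not describe the request form or the vendor's fix.

```python
import ntpath
import struct

TFTP_ROOT = r"C:\tftproot"  # hypothetical root directory, not from the advisory
RRQ = 1                      # RFC 1350 read-request opcode

def parse_rrq(packet: bytes):
    """Return the filename from a TFTP read request, or None if not an RRQ."""
    if len(packet) < 4 or struct.unpack("!H", packet[:2])[0] != RRQ:
        return None
    fields = packet[2:].split(b"\x00")   # filename NUL mode NUL [options...]
    if len(fields) < 3 or not fields[0]:
        return None
    return fields[0].decode("ascii", "replace")

def resolve_in_root(filename: str, root: str = TFTP_ROOT):
    """Return the normalised Windows path if it stays under root, else None."""
    name = filename.replace("/", "\\")
    # Refuse drive letters, alternate streams, rooted and UNC names outright.
    if ":" in name or name.startswith("\\"):
        return None
    root_norm = ntpath.normpath(root)
    candidate = ntpath.normpath(ntpath.join(root_norm, name))
    # Component-wise comparison, so C:\tftproot2 does not pass as C:\tftproot.
    if ntpath.commonpath([root_norm, candidate]).lower() != root_norm.lower():
        return None
    return candidate

def check_request(packet: bytes) -> str:
    """Classify one UDP payload: 'allow', 'deny' or 'not-rrq'."""
    name = parse_rrq(packet)
    if name is None:
        return "not-rrq"
    return "allow" if resolve_in_root(name) else "deny"

# Constructed sample payloads (not captured traffic).
SAMPLES = [
    b"\x00\x01boot\\pxelinux.0\x00octet\x00",   # inside the root
    b"\x00\x01..\\..\\secret.txt\x00octet\x00", # climbs out of the root
    b"\x00\x04\x00\x01",                        # ACK, not a read request
]

if __name__ == "__main__":
    for payload in SAMPLES:
        print(check_request(payload), payload)
```

The check is lexical only: it does not follow junctions or symbolic links inside the root, which a server would also need to resolve before opening the file.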
Workaround:
If the PXE server component is not required in your environment it should be disabled.
Vendor response:
Symantec Altiris has addressed this vulnerability by releasing a HotFix. More information is available in Symantec's advisory at the following URL: http://www.symantec.com/avcenter/security/Content/2007.10.31.html
CVE Information:
CVE-2007-3874
Disclosure timeline:
07/13/2007 - Initial vendor notification
07/16/2007 - Initial vendor response
10/31/2007 - Public disclosure