Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Altiris Deployment Solution Client Privilege Escalation - exploit.company
header-logo
Suggest Exploit
vendor:
Altiris Deployment Solution Client
by:
7.5
CVSS
HIGH
Privilege Escalation
269
CWE
Product Name: Altiris Deployment Solution Client
Affected Version From: 5.6 SP1 (Hotfix E)
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows

Altiris Deployment Solution Client Privilege Escalation

A local user can exploit the Altiris Deployment Solution Client interface to escalate privileges.

Mitigation:

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11709/info

Altiris Deployment Solution Client allows a user to activate the client interface by easily launching the software from an icon in the Windows system tray. It is reported that a local user may exploit the client interface to escalate privileges.

It should be noted that although this vulnerability is reported to exist in Altiris Deployment Solution version 5.6 SP1 (Hotfix E) other versions might also be affected.

1. Right click on the Altiris Client Service icon in the Taskbar and choose View Log File
2. Notepad should open. Click File, click Open
3. In the Files of type: field choose All Files
4. Navagate to '%WINDIR%\System32'. Right click on 'cmd.exe' and choose Open
6. A new command shell with launch with SYSTEM privileges

Navigation

Suggest Exploit

Services By CQR