Vulnerability Details CVE-2009-3110
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.0%
CVSS Severity
CVSS v2 Score 5.8
References
- http://secunia.com/advisories/36502
- http://www.securityfocus.com/bid/36113
- http://www.securitytracker.com/id?1022779
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00
- http://secunia.com/advisories/36502
- http://www.securityfocus.com/bid/36113
- http://www.securitytracker.com/id?1022779
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00
Products affected by CVE-2009-3110
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355