CVE-2008-2291 - OpenCVE

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Altiris Deployment Solution

Configuration 1 [-]

OR	cpe:2.3:a:symantec:altiris_deployment_solution::::::::
	cpe:2.3:a:symantec:altiris_deployment_solution:6.8:-::::::
	cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1::::::
	cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2::::::

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=122167472229965&w=2
http://secunia.com/advisories/30261
http://www.insomniasec.com/advisories/ISVA-080516.2.htm
http://www.securityfocus.com/archive/1/492128/100/0/threaded
http://www.securityfocus.com/archive/1/492228/100/0/threaded
http://www.securityfocus.com/bid/29199
http://www.securitytracker.com/id?1020024
http://www.symantec.com/avcenter/security/Content/2008.05.14a.html
http://www.vupen.com/english/advisories/2008/1542/references
http://www.zerodayinitiative.com/advisories/ZDI-08-025/
https://exchange.xforce.ibmcloud.com/vulnerabilities/42437

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-18T14:00:00

Updated: 2024-08-07T08:58:01.691Z

Reserved: 2008-05-18T00:00:00

Link: CVE-2008-2291

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-05-18T14:20:00.000

Modified: 2019-10-09T22:55:40.203

Link: CVE-2008-2291

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-14T00:00:00", "descriptions": [{"lang": "en", "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"name": "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"name": "ADV-2008-1542", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"name": "SSRT080115", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "HPSBMA02369", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"name": "29199", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29199"}, {"name": "symantec-altiris-axengine-info-disclosure(42437)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}, {"name": "1020024", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020024"}, {"name": "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"name": "30261", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30261"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2291", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm", "refsource": "MISC", "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"name": "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"name": "ADV-2008-1542", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"name": "SSRT080115", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "HPSBMA02369", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"name": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html", "refsource": "CONFIRM", "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"name": "29199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29199"}, {"name": "symantec-altiris-axengine-info-disclosure(42437)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}, {"name": "1020024", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020024"}, {"name": "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"name": "30261", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30261"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:01.691Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"name": "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"name": "ADV-2008-1542", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"name": "SSRT080115", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "HPSBMA02369", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"name": "29199", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29199"}, {"name": "symantec-altiris-axengine-info-disclosure(42437)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}, {"name": "1020024", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020024"}, {"name": "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"name": "30261", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30261"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2291", "datePublished": "2008-05-18T14:00:00", "dateReserved": "2008-05-18T00:00:00", "dateUpdated": "2024-08-07T08:58:01.691Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA261C52-F28F-4815-B7E4-A32CCAD4E976", "versionEndExcluding": "6.9.176", "versionStartIncluding": "6.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:-:*:*:*:*:*:*", "matchCriteriaId": "5327C051-309B-4E80-B96F-6F71C0294C98", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1:*:*:*:*:*:*", "matchCriteriaId": "A1363995-0647-4C83-B3DA-360D5433DCA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2:*:*:*:*:*:*", "matchCriteriaId": "9834A783-AB15-489F-A146-0D0D5A9DB5E1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials."}, {"lang": "es", "value": "axengine.exe en Symantec Altiris Deployment Solution 6.8.x y 6.9.x en versiones anteriores a 6.9.176 genera credenciales con un sal fijado o sin sal, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos adivinar las credenciales de dominio cifradas."}], "id": "CVE-2008-2291", "lastModified": "2019-10-09T22:55:40.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-05-18T14:20:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30261"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/29199"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020024"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}