This Metasploit module exploits a SQL injection flaw in Symantec Altiris Deployment Solution 6.8 to 6.9.164. The vulnerability exists on axengine.exe which fails to adequately sanitize numeric input fields in "UpdateComputer" notification Requests. In order to spawn a shell, several SQL injections are required in close succession, first to enable xp_cmdshell, then retrieve the payload via TFTP and finally execute it. The module also has the capability to disable or enable local application authentication. In order to work the target system must have a tftp client available.
0e3a942ab280498a695c23461a8d0a229e06c84edd64ed4f0b821529fe187516HP Security Bulletin - Potential vulnerabilities have been identified with HP ProLiant Essentials Rapid Deployment Pack (RDP) running Symantec Altiris Deployment Solution. The vulnerabilities could be exploited remotely to perform SQL injection or to gain extended privileges. The vulnerabilities could be exploited locally to gain extended privileges or to cause a Denial of Service (DoS).
be4e2da79288ccc406599b1da3d57c11778c5b81433e88411811be65d2670afb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed