CVE-2008-2291 - OpenCVE

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Symantec	Altiris Deployment Solution

Configuration 1 [-]

OR	cpe:2.3:a:symantec:altiris_deployment_solution::::::::
	cpe:2.3:a:symantec:altiris_deployment_solution:6.8:-::::::
	cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1::::::
	cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2::::::

References

Link	Resource
http://marc.info/?l=bugtraq&m=122167472229965&w=2	Mailing List Third Party Advisory
http://secunia.com/advisories/30261	Third Party Advisory
http://www.insomniasec.com/advisories/ISVA-080516.2.htm	Third Party Advisory
http://www.securityfocus.com/archive/1/492128/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/492228/100/0/threaded	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/29199	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1020024	Third Party Advisory VDB Entry
http://www.symantec.com/avcenter/security/Content/2008.05.14a.html	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2008/1542/references	Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-025/	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/42437	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-18T14:00:00

Updated: 2018-10-11T19:57:01

Reserved: 2008-05-18T00:00:00

Link: CVE-2008-2291

JSON object: View

NVD Information

Status : Modified

Published: 2008-05-18T14:20:00.000

Modified: 2019-10-09T22:55:40.203

Link: CVE-2008-2291

JSON object: View

Redhat Information

No data.

CWE

CWE-255

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-14T00:00:00", "descriptions": [{"lang": "en", "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"name": "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"name": "ADV-2008-1542", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"name": "SSRT080115", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "HPSBMA02369", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"name": "29199", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29199"}, {"name": "symantec-altiris-axengine-info-disclosure(42437)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}, {"name": "1020024", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020024"}, {"name": "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"name": "30261", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30261"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2291", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm", "refsource": "MISC", "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"name": "20080518 Insomnia : ISVA-080516.2 - Altiris Deployment Solution - Domain Account Disclosure", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"name": "ADV-2008-1542", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"name": "SSRT080115", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "HPSBMA02369", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"name": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html", "refsource": "CONFIRM", "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"name": "29199", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29199"}, {"name": "symantec-altiris-axengine-info-disclosure(42437)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}, {"name": "1020024", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020024"}, {"name": "20080515 ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"name": "30261", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30261"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2291", "datePublished": "2008-05-18T14:00:00", "dateReserved": "2008-05-18T00:00:00", "dateUpdated": "2018-10-11T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA261C52-F28F-4815-B7E4-A32CCAD4E976", "versionEndExcluding": "6.9.176", "versionStartIncluding": "6.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:-:*:*:*:*:*:*", "matchCriteriaId": "5327C051-309B-4E80-B96F-6F71C0294C98", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1:*:*:*:*:*:*", "matchCriteriaId": "A1363995-0647-4C83-B3DA-360D5433DCA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2:*:*:*:*:*:*", "matchCriteriaId": "9834A783-AB15-489F-A146-0D0D5A9DB5E1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials."}, {"lang": "es", "value": "axengine.exe en Symantec Altiris Deployment Solution 6.8.x y 6.9.x en versiones anteriores a 6.9.176 genera credenciales con un sal fijado o sin sal, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos adivinar las credenciales de dominio cifradas."}], "id": "CVE-2008-2291", "lastModified": "2019-10-09T22:55:40.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-05-18T14:20:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=122167472229965&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30261"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.insomniasec.com/advisories/ISVA-080516.2.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/492128/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/492228/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/29199"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020024"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.symantec.com/avcenter/security/Content/2008.05.14a.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1542/references"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-025/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42437"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}