Описание
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-2291
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42437
- http://marc.info/?l=bugtraq&m=122167472229965&w=2
- http://secunia.com/advisories/30261
- http://www.insomniasec.com/advisories/ISVA-080516.2.htm
- http://www.securityfocus.com/archive/1/492128/100/0/threaded
- http://www.securityfocus.com/archive/1/492228/100/0/threaded
- http://www.securityfocus.com/bid/29199
- http://www.securitytracker.com/id?1020024
- http://www.symantec.com/avcenter/security/Content/2008.05.14a.html
- http://www.vupen.com/english/advisories/2008/1542/references
- http://www.zerodayinitiative.com/advisories/ZDI-08-025
EPSS
Процентиль: 84%
0.02166
Низкий
CVE ID
Связанные уязвимости
nvd
больше 17 лет назад
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
EPSS
Процентиль: 84%
0.02166
Низкий