Symantec patches Altiris solutions
Symantec has released a security update for several of its Altiris resource management products. The web-based management servers in question install a vulnerable ActiveX control in Internet Explorer (IE) that allows attackers to inject and execute arbitrary code in a client. A simple visit to a specially crafted web page is all that is required for an attack to be successful.
Affected are Symantec Altiris Deployment Solution 6.9.x, Symantec Altiris Notification Server 6.0.x and Symantec Management Platform 7.0.x. Nikolas Sotiriu, who discovered the control's susceptibility to the relevant buffer overflow, has already published an exploit which demonstrates the vulnerability by starting the calculator under Windows.
- Symantec Altiris Deployment Solution and Notification Server Management Web Console BrowseandSave ActiveX Overflow, security advisory from Symantec.
- Symantec ConsoleUtilities ActiveX Control Buffer Overflow, advisory from Nikolas Sotiriu.