CVE-2009-3110

EUVD-2009-3093
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
Affected Products (NVD)
VendorProductVersion
symantecaltiris_deployment_solution
6.9
symantecaltiris_deployment_solution
6.9:sp1
symantecaltiris_deployment_solution
6.9.164
symantecaltiris_deployment_solution
6.9.176
symantecaltiris_deployment_solution
6.9.355
symantecaltiris_deployment_solution
6.9.355:sp1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/36502
http://www.securityfocus.com/bid/36113
http://www.securitytracker.com/id?1022779
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00
http://secunia.com/advisories/36502
http://www.securityfocus.com/bid/36113
http://www.securitytracker.com/id?1022779
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00