Vulnonym.org

CVE-2008-2286 - Harbourless Ages

Description

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

Reference

http://www.zerodayinitiative.com/advisories/ZDI-08-024/ http://www.symantec.com/avcenter/security/Content/2008.05.14a.html http://www.securityfocus.com/bid/29198 http://secunia.com/advisories/30261 http://www.securitytracker.com/id?1020024 http://marc.info/?l=bugtraq&m=122167472229965&w=2 http://www.vupen.com/english/advisories/2008/1542/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42436 http://www.exploit-db.com/exploits/29552 http://osvdb.org/show/osvdb/45313 http://www.securityfocus.com/archive/1/492229/100/0/threaded http://www.securityfocus.com/archive/1/492127/100/0/threaded