FYI...

- http://secunia.com/advisories/30261/
Last Update: 2008-05-16
Critical: Moderately critical
Impact: Manipulation of data, Exposure of sensitive information, Privilege escalation, System access
Where: From local network
Solution Status: Vendor Patch
Software: Altiris Deployment Solution 6.x...
...The vulnerabilities and security issues are reported in version 6.8.x and 6.9.x prior to build 6.9.176.
Solution: Update to version 6.9.176 or install hotfix (KB 41418)...
Note: This hotfix requires a rollout of upgraded DS Agent software.
Original Advisory: SYM008-012:
- http://www.symantec.com/avcenter/security/Content/2008.05.14a.html
"SYM008-012 - May 14, 2008
Altiris Deployment Solution Multiple Vulnerabilities
Revision History - May 15, 2008 - Public code has been made available
Severity: One High severity issue / Five Medium severity issues
...Symantec engineers have verified these issues and resolved them in a hotfix for Altiris Deployment Solution 6.9. Customers currently using version 6.8 should upgrade to 6.9 and apply all hotfixes. Proof-of-concept code has been released for the issues identified by Sybsecurity.com .Symantec currently knows of no adverse customer impact from these issues. The following steps are required to access and install the hotfix:
* Go to http://kb.altiris.com/
* Search for KB 41418.
* Select KB link and download upgrade/hotfix file.
* After downloading the file, execute and follow the installer instructions to upgrade Deployment Solution.
Note: This hotfix will require a rollout of upgraded DS Agent software..."