Symantec Altiris Deployment Solution is a set of tools that provide software deployment functions. It can be run on multiple platforms such as Windows, Linux and so on. And it can be used remotely to deploy an operating system or applications to multiple computers in a batch.
When Symantec Altiris Deployment Solution is used as a web console, an ActiveX control AeXNSPkgDLLib.dll has to be installed on the client. The associated ClassID for this control is "63716E93-033D-48B0-8A2F-8E8473FD7AC7" and its ProgID is "Altiris.AeXNSPkgDL". It can be instantiated in a web page using the
Where the remote file http://172.16.8.170/file.exe will be save as the local file "C:file.exe". No confirmation dialog is presented to the user to alert them on the procedure.
Since a malicious program can easily be downloaded into the target without the user's knowledge, this design flaw is considered as remote program execution vulnerability. In addition, DownloadAndInstall provides arbitrary program execution facility with its InstCmdLine parameter. These methods can be leveraged by attackers to execute arbitrary programs on the vulnerable host.
SonicWall has release an IPS signature to detect and block generic attack attempts targeting this vulnerability. The following signature has been released: