Description
The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Reed Arvin · textlocalwindows
https://www.exploit-db.com/exploits/24754
References (3)
Core 3
Core References
Exploit, Vendor Advisory vdb-entry
x_refsource_osvdb
http://www.osvdb.org/15897
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15159
Exploit, Vendor Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0614.html
Scores
EPSS
0.0015
EPSS Percentile
34.7%
Details
Status
published
Products (4)
altiris/client_service
6.0.88
altiris/deployment_solution
5.6 sp1
altiris/deployment_solution
5.6.181
altiris/deployment_solution
6.0
Published
May 16, 2005
Tracked Since
Feb 18, 2026