Symantec Anti-Virus Tool Puts Server Passwords in Danger
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Symantec Anti-Virus Tool Puts Server Passwords in Danger

Written By
Paul F. Roberts
Paul F. Roberts
Sep 2, 2005
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Symantec Corp. is investigating a report of a security hole in a version of its corporate anti-virus product that could expose sensitive username and password information, the company acknowledged.

The reported security hole affects Symantec Anti Virus Corporate Edition Version 9 and could allow an attacker or nonprivileged user to obtain sensitive server log-in information. Details of the vulnerability were posted on the Bugtraq mailing list Wednesday.

/zimages/3/28571.gifSymantecs Gateway Security 5600 Series offers a wide variety of security functions.Click hereto read more.

The vulnerability affects organizations that have deployed an internal LiveUpdate server, which distributes anti-virus definition updates to Symantec software clients on a corporate network.

To obtain updates from an internal LiveUpdate Server, client systems are configured with the name, IP address and other vital information about the server, as well as a username and password to access it and download the definition updates. While that information is encrypted on the machines hard drive, information about each update that includes the username and password used to access the server are stored in unencrypted form in logs maintained by Symantec Corporate Anti-Virus, according to the Bugtraq posting.

Symantec customers can also obtain updates from external LiveUpdate servers operated by Symantec, where the same problem is not believed to exist.

An attacker would need to be able to log on to a Windows system to view the logs. However, they are accessible to all users with access to a system, and could be used by a low-level user to gain access to the LiveUpdate servers or other secure servers on a network, according to the Bugtraq posting.

A Symantec spokesman said the companys Incident Response team has been notified of the issue and is evaluating the issue now.

The company isnt aware of reports of any customer effects related to the issue.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Paul F. Roberts
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information