Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
September 6, 2005
1 Min Read
Symantec has posted a patch for a vulnerability in its enterprise anti-virus softwarethat could give attackers systematic access to server usernames and passwords.
First disclosed last week on the Bugtraq security mailing list, the flaw could allow an attacker or unauthorized user to view server usernames and passwords in clear text posted to a log file generated by AntiVirus 9 as it connects to and downloads updates from Symantec's Live Update system.
Any user, whether local or remote, who had access to the network could view the log file and obtain access to the Live Update server. The vulnerability does not affect home and small business users, however; typically, those users connect to Symantec's own Live Update servers for new anti-virus signatures.
On Friday, Symantec published a security advisory and linked to updates for the Live Update client that's used by AntiVirus 9 Corporate.
Symantec also recommended that customers assign a unique name and password for accessing LiveUpdate so that even if this account is obtained, attackers won't be able to gain control of other servers or systems.
You May Also Like