Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1126

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1126
Last Modified 05 Sep 2008 04:25:45
Published 05 Oct 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1126

Summary

Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.

Vulnerable Systems

Application

  • Symantec Liveupdate 1.4

  • Symantec Liveupdate 1.5

  • Symantec Liveupdate 1.6


References

BUGTRAQ - 20011005 Symantec LiveUpdate attacks

XF - liveupdate-host-verification(7235)

BID - 3413

CONFIRM - http://www.sarc.com/avcenter/security/Content/2001.10.05.html


Last Updated: 27 May 2016 10:36:32