Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0344

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0344
Last Modified 05 Sep 2008 04:27:47
Published 25 Jun 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0344

Summary

Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.

Vulnerable Systems

Application

  • Symantec Liveupdate 1.5


References

BID - 4170

XF - nav-liveupdate-plaintext-account(8282)

BUGTRAQ - 20020225 Symantec LiveUpdate

BUGTRAQ - 20020228 Re: "Javier Sanchez" jsanchez157@hotmail.com 02/25/2002 11:14 AM, Symantec


Last Updated: 27 May 2016 10:36:53