Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2766


Vulnerability Score 2.1 2.1
CVE Id CVE-2005-2766
Last Modified 10 Sep 2008 03:43:31
Published 02 Sep 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server.

Vulnerable Systems


  • Symantec Norton Antivirus

  • Symantec Norton Antivirus 9.0.4


BUGTRAQ - 20050831 Vulnerability in Symantec Anti Virus Corporate Edition v9.x

Last Updated: 27 May 2016 10:40:38