Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3316

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3316
Last Modified 07 Jul 2013 12:45:30
Published 27 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3316

Summary

The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password.

Vulnerable Systems

Application

  • Symantec Discovery 6.0

  • Symantec On Command Discovery Standard 4.5

  • Symantec On Command Discovery Web 4.5


References

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2005.10.24.html

BID - 15188

SECTRACK - 1015097

SECUNIA - 17302

SREASON - 112


Last Updated: 27 May 2016 10:40:52