Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0231


Vulnerability Score 6.4 6.4
CVE Id CVE-2006-0231
Last Modified 07 Mar 2011 09:29:37
Published 24 Apr 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Symantec Scan Engine, and possibly other versions before, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.

Vulnerable Systems


  • Symantec Antivirus Scan Engine


VULNWATCH - 20060421 Rapid7 Advisory R7-0022: Symantec Scan Engine Known Immutable DSA Private Key

VUPEN - ADV-2006-1464

XF - sse-insecure-private-key(25973)


BID - 17637

BUGTRAQ - 20060421 [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities

SECTRACK - 1015974

SECUNIA - 19734

Last Updated: 27 May 2016 10:41:35