Symantec fixes flaw in Norton Corporate Antivirus Solution
September 7th, 2005 Leave a comment Visited 34 times, 3 so far today
Symantec fixes flaw in Norton Corporate Antivirus Solution
Symantec has released updates/patches for their corporate antivirus software, which fixes a flaw, which could result in unauthorized access to a corporate system from an outside source. The flaw existed in the version 9 of the Symantec’s application, which is quite popular in corporate environments to secure their internal networks.
The flaw in the software exposed the server login name and password used by the administrator who had the power to authorize upgradation of the new definition files used by the antivirus application. The company already provides a LiveUpdate application with the software letting users to automatically update their application and the accompanied files.
This utility receives the updates from the LiveUpdate server and stores the transaction details in a log file. The problem was that the username and the password were stored in this log file in simple form. This let the other users on the network to access the details about the application’s administrator leading to further problems through unauthorized access. The company has issued a fix for the problem and has advised the system administrators to update their systems.
The company has also advised for general precaution that administrators of networks in corporate environment should not use the same login information for their products as they use for their networks…
|
TechWhack on Facebook
|
This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.