Multiple Symantec Scan Engine network content filtering server security vulnerabilities
Published:		22.04.2006
Source:		BUGTRAQ
SecurityVulns ID:		6035
Type:		remote
Level:		6/10
Description:		Administrative interface passwords are checked on client side, fixed encryption key is used, critical information leak.

Affected:

SYMANTEC : Symantec Scan Engine 5.0

Original document		Rapid 7 Security Advisories, Rapid7 Advisory R7-0023: Symantec Scan Engine File Disclosure Vulnerability (22.04.2006)
		Rapid 7 Security Advisories, Rapid7 Advisory R7-0022: Symantec Scan Engine Known Immutable DSA Private Key (22.04.2006)
		Rapid 7 Security Advisories, Rapid7 Advisory R7-0021: Symantec Scan Engine Authentication Fundamental Design Error (22.04.2006)
		SYMANTEC, [Symantec Security Advisor] Symantec Scan Engine Multiple Vulnerabilities (22.04.2006)

Files:		Remotely change the administrator password (or password hash) of Symantec Scan Engine
Discuss:		Read or add your comments to this news (0 comments)