Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Norton Antivirus LiveUpdate功能明文存放认证信息漏洞
Vulnerability Description
Symantec Norton AntiVirus有一个称为LiveUpdate的功能,它通过internet的Symantec站点上获得信息检查病毒库的更新情况,下载并安装它。 这个过程可以计划运行也可以手工执行。 AntiVirus实现上存在问题,本地攻击者可能轻易得到LiveUpdate的认证信息。 LiveUpdate的认证信息以明文的形式存放在注册表中,一个本地攻击者可以很容易地获取这些信息。其他使用LiveUpdate功能的产品也受此问题的影响。
CVSS Information
N/A
Vulnerability Type
N/A