Symantec is aware of a recent posting to the SecurityFocus BugTraq mailing list by Javier Sanchez concerning an issue that exposes the LiveUpdate username and password.
According to Mr. Sanchez, Norton Antivirus Corporate Edition stores LiveUpdate username and password information in clear text in the registry on client systems.
A user with access to one of these client systems can run regedit and search for this information in the appropriate registry key.
Symantec's Norton AntiVirus Corporate Edition provides the administrator the ability to push LiveUpdate definitions out to individual clients or to configure each client with a read-only username and password access to an internal local LiveUpdate server to download local updates. While the local username and password were stored in the registry in the clear in LiveUpdate 1.5, LiveUpdate 1.6 and later versions encrypt this username and password by default.
Symantec would like to emphasis that in all instances, the username and password pair is NOT connected with authentication to access Symantec's LiveUpdate server. The username and password in question is ONLY associated with the local network internal server.
Symantec is aware of the issue addressed by Mr. Sanchez and it is not a LiveUpdate issue. Rather it is an internal server issue when passing the username and password to the client system that is affecting the password encryption causing the clear text exposure. This problem is currently being addressed and will be available for update as soon as it is fully tested.
Symantec appreciates the concern of Mr. Javier Sanchez and takes the security of our products very seriously. We would like to re-emphasize however, that this read-only username/password is for internal server access only. Additionally, if company policy is such that all updates are controlled at a centralized server and pushed out to client systems, the issue in question does not exist.
This is machine translated content
Login to Subscribe
Please login to set up your
Would you like to be subscribed to future notifications for this article?
For security reasons, your link to this document has expired. Please click on the attachment link to access this file.
The attachment that you are looking for no longer exists.
There has been an issue retrieving your attachment. Please try again.
Currently server is down.
Didn't find the article you were looking for? Try these resources.