Symantec Glitch Exposes Server Logins

Symantec acknowledged on Friday that a vulnerability in a corporate version of its antivirus software could expose server username and password information. The company said it is investigating the report.

The hole exists in Symantec AntiVirus Corporate Edition version 9. Either an attacker or regular user would be able to obtain the login information, says Symantec. In order to expose the sensitive data, a user would have to be running a LiveUpdate server.

The LiveUpdate server is responsible for keeping the antivirus product up to date. In order to do so, it requires various details about the server it is protecting, including usernames and passwords.

The login information is then stored in log files created by the product alongside information about the update installed.

While an attacker would need to access the network in order to view the sensitive data, the log files are viewable regardless of user privileges, according to company reports on the vulnerability.

This isn't the first time Symantec has such security problems with its software. In February, Symantec admitted to a critical flaw that could potentially open the door to viruses. The problem affected the company's entire antivirus lineup, including the widely used Norton AntiVirus.

7 Responses to Symantec Glitch Exposes Server Logins

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.