Symantec Glitch Exposes Server Logins
Symantec acknowledged on Friday that a vulnerability in a corporate version of its antivirus software could expose server username and password information. The company said it is investigating the report.
The hole exists in Symantec AntiVirus Corporate Edition version 9. Either an attacker or a regular user would be able to obtain the login information, Symantec says. For the sensitive data to be exposed, a user would have to be running a LiveUpdate server.
The LiveUpdate server is responsible for keeping the antivirus product up to date. In order to do so, it requires various details about the server it is protecting, including usernames and passwords.
The login information is then stored in log files created by the product alongside information about the update installed.
While an attacker would need to access the network in order to view the sensitive data, the log files are viewable regardless of user privileges, according to company reports on the vulnerability.
This isn't the first time Symantec has had such security problems with its software. In February, Symantec admitted to a critical flaw that could potentially open the door to viruses. The problem affected the company's entire antivirus lineup, including the widely used Norton AntiVirus.