Bugtraq mailing list archives
RE: Symantec LiveUpdate
From: "Peter Miller" <pcmiller61 () yahoo com>
Date: Tue, 26 Feb 2002 11:48:05 +0200
Hi All, In a similar vien would anyone with Symantec Ghost V7.0 installed like to comment on this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NGServer\params Ghost creates a special user account on the machine to run the service under but it seems it is storing the password for this account in plain text in the registry. Regards Peter
-----Original Message----- From: Javier Sanchez [mailto:jsanchez157 () hotmail com] Sent: 25 February 2002 07:15 To: bugtraq () securityfocus com Subject: Symantec LiveUpdate Norton Antivirus Corporate Edition includes LiveUpdate. LiveUpdate stores Username and Password information in cleartext in the registry. Depending on your implementation, you may not need LiveUpdate installed at all on your clients. I brought this to Symantec's attention months ago. Since then a new version of LiveUpdate has been released. The information is still not encrypted. Any user with the client installed can run "regedit" search for "password" and viola! Here's a "fix": Paste the following into a .reg file (i.e. nav.reg) and push it out to your clients via login script or whatever: REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVe rsion\LiveUpdateSource] "Login"=- "Password"=-
Current thread:
- Symantec LiveUpdate Javier Sanchez (Feb 25)
- RE: Symantec LiveUpdate Peter Miller (Feb 26)
- <Possible follow-ups>
- RE: Symantec LiveUpdate Calanan, Michael (Feb 26)
- Re: Symantec LiveUpdate saabstory (Feb 27)