Searching symantec axent software vulnerabilities

Configuration error in Axent Raptor Firewall 6.

Configuration | httpnoproxy | attackers | resources | internal | Firewall | access | Raptor | remote | allows | error | Axent | proxy | Rule | set | not | use | web |

Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.


Symantec LiveUpdate 1.4 through 1.6, and possib

LiveUpdate | attackers | versions | possibly | Symantec | through | service | denial | allows | remote | later | cause |

Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.


Symantec Ghost 7.0 stores usernames and passwor

NGServer\params | privileges | passwords | plaintext | usernames | attacker | registry | Symantec | stores | allow | Ghost | which | could | gain | key |

Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.


Symantec PCAnywhere 10.x and 11, when started a

AWHOST32exe | privileges | PCAnywhere | interface | attackers | Symantec | started | service | SYSTEM | allows | using | help | gain | 10x | via |

Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.


A certain ActiveX control in Symantec Norton An

AntiVirus | Symantec | control | certain | ActiveX | Norton |

A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs.


Symantec Norton AntiVirus 2002 and 2003 allows

AntiVirus | Symantec | Norton |

Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories.


Multiple unknown vulnerabilities in the ActiveX

vulnerabilities | Clientless | browsers | Symantec | Multiple | unknown | ActiveX | Gateway | HTML | file | VPN |

Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.


Symantec Brightmail AntiSpam before 6.0.2 has a

Brightmail | AntiSpam | Symantec | before |

Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.


The installation of ON Symantec Discovery 4.5.x

installation | Discovery | Symantec | creates | 45x |

The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password.


Heap-based buffer overflow in Dec2Rar.dll 3.2.1

Dec2Rardll | Heap-based | overflow | buffer |

Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field.


Symantec Brightmail AntiSpam 6.0 build 1 and 2

Brightmail | attackers | AntiSpam | Symantec | service | denial | allows | remote | build | cause |

Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages.


The installation of SQLAnywhere in Symantec Gho

installation | SQLAnywhere | Solutions | Symantec | Suite | Ghost | used |

The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.


SQLAnywhere in Symantec Ghost 8.0 and 8.2, as u

SQLAnywhere | Solutions | Symantec | Suite | Ghost | used |

SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.


Buffer overflow in the login dialog in dbisqlc.

SQLAnywhere | dbisqlcexe | Solutions | overflow | Symantec | Buffer | dialog | login | Suite | Ghost | used |

Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.


The SAVRT.SYS device driver, as used in Symante

AntiVirus | Corporate | Symantec | SAVRTSYS | Edition | device | driver | used | 90x |

The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.


Symantec pcAnywhere 12.5 uses weak default perm

pcAnywhere | Symantec |

Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.


The \Device\SymEvent driver in Symantec Norton

\Device\SymEvent | Personal | Firewall | Symantec | driver | Norton |

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.


Symantec Reporting Server 1.0.197.0, and other

Reporting | Symantec | Server |

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.


Unspecified vulnerability in Symantec Reporting

vulnerability | Unspecified | Reporting | Symantec | Server |

Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to "disable the authentication system" and bypass authentication via unknown vectors.


Buffer overflow in RemoteCommand.DLL in Symante

RemoteCommandDLL | Symantec | overflow | Norton | Buffer | Ghost |

Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function.


Software vulnerabilities results 1 to 20 of 130     
Page: 12345...7