3 matches found
Symantec Scan Engine fails to properly perform authentication
Overview Symantec Scan Engine administrative web interface fails to properly authenticate users, which may allow a remote attacker to gain administrative access to the software. Description The Symantec Scan Engine provides a programming interface to Symantec content scanning and virus detection...
CVE-2006-0230
Symantec Scan Engine 5.0.0.24 (and possibly earlier 5.0.x) is affected by an authentication design flaw that trusts the client-side applet to verify passwords. An unauthenticated remote attacker can gain administrative privileges by sending crafted XML requests to the server, effectively bypassin...
Rapid7 Advisory R7-0021: Symantec Scan Engine Authentication Fundamental Design Error
Rapid7, LLC Security Advisory Rapid7 Advisory R7-0021 Symantec Scan Engine Authentication Fundamental Design Error Published: April 21, 2006 Revision: 1.0 http://www.rapid7.com/advisories/R7-0021.html CVE: CVE-2006-0230 1. Affected systems: KNOWN VULNERABLE: o Symantec Scan Engine v5.0.0.24 KNOWN...