2 matches found
CVE-2009-3035
Symantec Altiris Notification Server 6.0.x prior to SP3 R12 stores a static encryption key on the server to encrypt credentials used for discovery and SQL Server access. The hardcoded key can decrypt these credentials, enabling local users to obtain sensitive information and, if decrypted credent...
Altiris Notification Server Static Encryption Key (KB46763)
The remote Windows host is running Symantec Altiris Notification Server 6.0 earlier than SP3 R12. Such versions are potentially affected by a local information disclosure vulnerability because the application uses a static encryption key for encrypted credentials entered by an administrator. C...