Hi All, In a similar vien would anyone with Symantec Ghost V7.0 installed like to comment on this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NGServer\params Ghost creates a special user account on the machine to run the service under but it seems it is storing the password for this account in plain text in the registry. Regards Peter > -----Original Message----- > From: Javier Sanchez [mailto:jsanchez157@hotmail.com] > Sent: 25 February 2002 07:15 > To: bugtraq@securityfocus.com > Subject: Symantec LiveUpdate > > > Norton Antivirus Corporate Edition includes LiveUpdate. > LiveUpdate stores > Username and Password information in cleartext in the registry. > Depending > on your implementation, you may not need LiveUpdate installed at > all on your > clients. > > I brought this to Symantec's attention months ago. Since then a > new version > of LiveUpdate has been released. The information is still not encrypted. > > Any user with the client installed can run "regedit" search for > "password" > and viola! > > Here's a "fix": > Paste the following into a .reg file (i.e. nav.reg) and push it > out to your > clients via login script or whatever: > REGEDIT4 > > [HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVe > rsion\LiveUpdateSource] > "Login"=- > "Password"=- >
