Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: "Peter Miller" pcmiller61 () yahoo com, 02/26/2002 03:48 AM RE: Symantec LiveUpdate
From: "Sym Security" <symsecurity () symantec com>
Date: Fri, 1 Mar 2002 09:19:27 -0600


Re:  "Peter Miller" pcmiller61 () yahoo com, 02/26/2002 03:48 AM RE:  Symantec
LiveUpdate
Hi All,

In a similar vien would anyone with Symantec Ghost V7.0 installed like to
comment on this key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NGServer\params

Ghost creates a special user account on the machine to run the service
under
but it seems it is storing the password for this account in plain text in
the registry.

Regards
Peter

-------------------------------------------------
Symantec Response
This is not the same type of issue reported in the original posting by
Javier Sanchez, "Javier Sanchez" jsanchez157 () hotmail com 02/25/2002 11:14
AM, Symantec LiveUpdate"

During the installation process for Symantec Ghost Corporate Edition, the
key in question is created with Administrator access only by default.
Normal best practice procedures of administrators allowing "least
privilege" access to normal system users would preclude access to any
unauthorized registry information by anyone other than a user with
administrator privileges.

Unauthorized access to the system registry presents security concerns for
any program(s), which use the registry to persist data.   Protection of
your system includes restricting physical access to your system and
restricting administrative privileges.

Symantec take the security of our products very seriously and appreciates
the concerns of Mr. Miller.  Symantec is constantly working to improve our
products and we will be reviewing additional protective measures for this
key in future upgrades.

Please direct any Symantec product security concerns to SymSecurity at
symsecurity () symantec com 

Disclaimer
The information in the advisory is believed to be accurate at the time of
printing based on currently available information. Use of the information
constitutes acceptance for use in an AS IS condition. There are no
warranties with regard to this information. Neither the author nor the
publisher accepts any liability for any direct, indirect or consequential
loss or damage arising from use of, or reliance on this information.
Symantec, Symantec product names and Sym Security are Registered Trademarks
of Symantec Corp. and/or affiliated companies in the United States and
other countries. All other registered and unregistered trademarks
represented in this document are the sole property of their respective
companies/owners.



  By Date           By Thread  

Current thread:
  • Re: "Peter Miller" pcmiller61 () yahoo com, 02/26/2002 03:48 AM RE: Symantec LiveUpdate Sym Security (Mar 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]