Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore point images are configured, encrypt network share credentials with a key formed by a hash of the username, which allows local users to obtain the credentials by calculating the key.
2007-04-30T22:19:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 6.8 (MEDIUM)
AV:L/AC:L/Au:S/C:C/I:C/A:C
3.1
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | symantec | backupexec_system_recovery | 6.5 | Yes |
| Application | symantec | backupexec_system_recovery | 6.52 | Yes |
| Application | symantec | backupexec_system_recovery | 6.52a | Yes |
| Application | symantec | backupexec_system_recovery | 6.53 | Yes |
| Application | symantec | livestate_recovery | 6.0 | Yes |
| Application | symantec | livestate_recovery | 6.01 | Yes |
| Application | symantec | livestate_recovery | 6.02 | Yes |
| Application | symantec | norton_ghost | 10.0 | Yes |
| Application | symantec | norton_ghost | 10.0 | Yes |
| Application | symantec | norton_ghost | 10.01 | Yes |
| Application | symantec | norton_save_and_recovery | 1.01 | Yes |
| Application | symantec | norton_save_and_recovery | 1.01b | Yes |
| Application | symantec | norton_save_and_recovery | 11.0 | Yes |
| Application | symantec | norton_save_and_recovery | 11.01 | Yes |
| Application | symantec | norton_save_and_recovery | 11.01b | Yes |