CVE

Id
26379  
CVE No.
CVE-2007-3022  
Status
Candidate  
Description
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.  
Phase
Assigned (20070604)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
267146 26379 CVE-2007-3022 CONFIRM:http://www.symantec.com/avcenter/security/Content/2007.06.05.html  View
267147 26379 CVE-2007-3022 BID:24312  View
267148 26379 CVE-2007-3022 URL:http://www.securityfocus.com/bid/24312  View
267149 26379 CVE-2007-3022 OSVDB:36108  View
267150 26379 CVE-2007-3022 URL:http://osvdb.org/36108  View
267151 26379 CVE-2007-3022 VUPEN:ADV-2007-2074  View
267152 26379 CVE-2007-3022 URL:http://www.vupen.com/english/advisories/2007/2074  View
267153 26379 CVE-2007-3022 SECTRACK:1018196  View
267154 26379 CVE-2007-3022 URL:http://www.securitytracker.com/id?1018196  View
267155 26379 CVE-2007-3022 SECUNIA:25543  View
267156 26379 CVE-2007-3022 URL:http://secunia.com/advisories/25543  View
267157 26379 CVE-2007-3022 XF:symantec-reporting-information-disclosure(34740)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
53444 JVNDB-2007-002136 ClamAV の libclamav/others.c における重要な情報を読み取られる脆弱性 ClamAV の libclamav/others.c は、cli_gentempstream 関数によって作成されたテンポラリファイルに安全でないパーミッションを使用するため、重要な情報を読み取られる脆弱性が存在します。 CVE-2007-3024 26379 2.1 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002136.html  View