Symantec Brightmail AntiSpam Remote Information Disclosure Vulnerability

Symantec Brightmail AntiSpam Remote Information Disclosure Vulnerability

Symantec Brightmail AntiSpam is susceptible to a remote information disclosure vulnerability. This issue is due to a failure of the application to properly ensure that remote database access is properly disabled.

In cases where the affected package was upgraded, rather than freshly installed, remote database access was not properly disabled. Remote access to the database may be simplified for attackers, as the database utilizes a static password.

This vulnerability allows remote attackers to gain access to potentially sensitive database contents.