• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Symantec Reporting Server Authentication Bypass Vulnerability

Bugtraq ID:	24325
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Jun 05 2007 12:00AM
Updated:	Jun 06 2007 05:10PM
Credit:	This issue was discovered internally by the vendor.
Vulnerable:	Symantec Reporting Server 1.0.197.0 Symantec Client Security 3.1 .401 Symantec Client Security 3.1 .400 Symantec Client Security 3.1 .396 Symantec Client Security 3.1 .394 Symantec Client Security 3.1 Symantec AntiVirus Corporate Edition 10.1 .401 Symantec AntiVirus Corporate Edition 10.1 .400 Symantec AntiVirus Corporate Edition 10.1 .396 Symantec AntiVirus Corporate Edition 10.1 .394 Symantec AntiVirus Corporate Edition 10.1
Not Vulnerable:	Symantec Reporting Server 1.0.224.0 Symantec Client Security 3.1.6.6000 Symantec AntiVirus Corporate Edition 10.1.6.600