6.4

CVE-2006-0231

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SymantecAntivirus Scan Engine Version5.0.0.24
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.94% 0.774
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/19734
http://www.securityfocus.com/archive/1/431734/100/0/threaded
http://www.securityfocus.com/bid/17637
http://www.symantec.com/avcenter/security/Content/2006.04.21.html
http://www.vupen.com/english/advisories/2006/1464
http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0011.html
Patch
Vendor Advisory
http://securitytracker.com/id?1015974
http://www.securityfocus.com/archive/1/431725/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/25973