CVE-1999-1323

Name of the Vulnerable Software and Affected Versions: Norton AntiVirus for Internet Email Gateways versions 1.0.1.7 and earlier Norton AntiVirus for MS Exchange versions 1.5 and earlier

Description: The issue concerns the storage of administrator passwords in cleartext. Specifically, the passwords are stored in the navieg.ini file for Norton AntiVirus for Internet Email Gateways and in the ModifyPassword registry key for Norton AntiVirus for MS Exchange.

Recommendations: For Norton AntiVirus for Internet Email Gateways versions 1.0.1.7 and earlier, consider restricting access to the navieg.ini file to minimize the risk of password exposure. For Norton AntiVirus for MS Exchange versions 1.5 and earlier, restrict access to the ModifyPassword registry key to prevent unauthorized password access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.