Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Backupexec_system_recovery | Symantec | 6.5 (including) | 6.5 (including) |
| Backupexec_system_recovery | Symantec | 6.52 (including) | 6.52 (including) |
| Backupexec_system_recovery | Symantec | 6.52a (including) | 6.52a (including) |
| Backupexec_system_recovery | Symantec | 6.53 (including) | 6.53 (including) |
| Livestate_recovery | Symantec | 6.0 (including) | 6.0 (including) |
| Livestate_recovery | Symantec | 6.01 (including) | 6.01 (including) |
| Livestate_recovery | Symantec | 6.02 (including) | 6.02 (including) |
| Norton_ghost | Symantec | 10.0 (including) | 10.0 (including) |
| Norton_ghost | Symantec | 10.01 (including) | 10.01 (including) |
| Norton_save_and_recovery | Symantec | 1.01 (including) | 1.01 (including) |
| Norton_save_and_recovery | Symantec | 1.01b (including) | 1.01b (including) |
| Norton_save_and_recovery | Symantec | 11.0 (including) | 11.0 (including) |
| Norton_save_and_recovery | Symantec | 11.01 (including) | 11.01 (including) |
| Norton_save_and_recovery | Symantec | 11.01b (including) | 11.01b (including) |