Vulnerabilities > CVE-2001-1126 - Unspecified vulnerability in Symantec Liveupdate 1.4/1.5/1.6

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

symantec

NVD

Published: 2001-10-05

Updated: 2017-12-19

Summary

Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Liveupdate 1.4 Symantec Liveupdate 1.5 Symantec Liveupdate 1.6	3

References

http://www.sarc.com/avcenter/security/Content/2001.10.05.html
http://www.securityfocus.com/archive/1/218717
http://www.securityfocus.com/bid/3413
https://exchange.xforce.ibmcloud.com/vulnerabilities/7235