Description
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
Product(s):
- Broadcom Arcserve Backup
- Broadcom ARCserve Backup
- Broadcom ARCserve Backup 6.5
- Broadcom ARCserve Backup 6.61
- Broadcom ARCserve Backup 6.61 Sp2a
- Broadcom ARCserve Backup R12.0
- Broadcom ARCserve Backup R12.0 Service Pack 1
- Broadcom ARCserve Backup R12.0 Service Pack 2
- Broadcom ARCserve Backup R12.5
- Broadcom ARCserve Backup R12.5 Service Pack 1
- Broadcom ARCserve Backup R12.5 Service Pack 2
- Broadcom ARCserve Backup R15.0
- Broadcom ARCserve Backup R15.0 Service Pack 1
- Broadcom ARCserve Backup R16.0
- Broadcom ARCserve Backup R16.0 Service Pack 1
- Broadcom Inoculan
- Microsoft Exchange Server
- Microsoft exchange_srv 2000
- Microsoft Exchange Server 2000
- Microsoft Exchange Server 2000 Service Pack 1
- Microsoft Exchange Server 2000 Service Pack 2
- Microsoft Exchange Server 2000 Service Pack 3
- Microsoft exchange_srv 2003
- Microsoft Exchange Server 2003
- Microsoft Exchange Server 2003 Service Pack 1
- Microsoft Exchange Server 2003 Service Pack 2
- Microsoft exchange_srv 2007
- Microsoft Exchange Server 2007
- Microsoft Exchange Server 2007 Service Pack 1
- Microsoft Exchange Server 2007 Service Pack 1 on x64
- Microsoft Exchange Server 2007 Service Pack 2 on x64
- Microsoft Exchange Server 2007 Service Pack 2 for x64 based systems
- Microsoft Exchange Server 2007 Service Pack 2 Update Rollup 1
- Microsoft Exchange Server 2007 Service Pack 2 Update Rollup 2
- Microsoft Exchange Server 2007 Service Pack 2 Update Rollup 3
- Microsoft Exchange Server 2007 Service Pack 2 Update Rollup 4
- Microsoft Exchange Server 2007 Service Pack 2 Update Rollup 5
- Microsoft Exchange Server 2007 Service Pack 3
- Microsoft Exchange Server 2010
- Microsoft Exchange Server 2010 on x64
- Microsoft Exchange Server 2010 for x64 based systems
- Microsoft Exchange Server 2010 Service Pack 1
- Microsoft Exchange Server 2010 Service Pack 2
- Microsoft Exchange Server 2010 Service Pack 3
- Microsoft Exchange Server 2010 Service Pack 3 Rollup20
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 10
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 11
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 12
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 13
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 14
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 15
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 16
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 17
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 18
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 19
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 1
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 20
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 21
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 22
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 23
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 24
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 25
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 26
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 27
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 28
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 29
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 2
- Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 31
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 3
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 4
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 5
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 6
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 7
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 8
- Microsoft Exchange Server 2010 Service Pack 3 Rollup 9
- Microsoft Exchange Server 2013
- Microsoft Exchange Server 2013 Cumulative Update 10
- Microsoft Exchange Server 2013 Cumulative Update 11
- Microsoft Exchange Server 2013 Cumulative Update 12
- Microsoft Exchange Server 2013 Cumulative Update 13
- Microsoft Exchange Server 2013 Cumulative Update 14
- Microsoft Exchange Server 2013 Cumulative Update 15
- Microsoft Exchange Server 2013 Cumulative Update 16
- Microsoft Exchange Server 2013 Cumulative Update 17
- Microsoft Exchange Server 2013 Cumulative Update 18
- Microsoft Exchange Server 2013 Cumulative Update 19
- Microsoft Exchange Server 2013 Cumulative Update 1
- Microsoft Exchange Server 2013 Cumulative Update 20
- Microsoft Exchange Server 2013 Cumulative Update 21
- Microsoft Exchange Server 2013 Cumulative Update 22
- Microsoft Exchange Server 2013 Cumulative Update 23
- Microsoft Exchange Server 2013 Cumulative Update 2
- Microsoft Exchange Server 2013 Cumulative Update 3
- Microsoft Exchange Server 2013 Cumulative Update 5
- Microsoft Exchange Server 2013 Cumulative Update 6
- +61 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-1999-1322, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-1999-1322 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.