Critical:
Not critical
Impact: Exposure of sensitive information
Where: Local system
Software: Symantec Firewall / VPN 100/200/200R
Description:
Davide Del Vecchio has discovered a security issue in Symantec Firewall / VPN 100/200/200R, possibly allowing malicious people to see passwords.
The problem is that passwords are entered in clear text without being masking in a HTML form. This may allow other people with physical access to see a password when it is entered.
This affects Symantec Firewall / VPN 100, 200, and 200R.
Solution:
Symantec has issued patches.
Symantec Firewall / VPN 200R:
ftp://ftp.symantec.com/public/en...ance/updates/vpn200R_161_app.zip
Symantec Firewall / VPN 200:
ftp://ftp.symantec.com/public/en...iance/updates/vpn200_161_app.zip
Symantec Firewall / VPN 100:
ftp://ftp.symantec.com/public/en...iance/updates/vpn100_161_app.zip
Provided and/or discovered by:
Davide Del Vecchio
http://secunia.com/advisories/11013/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic