Symantec Scan Engine exhibits a vulnerability in the way it generates
the SSL private key used for protecting communications over TCP port
8005. This port is used to exchange sensitive configuration and control
commands between the server and the administrative control application.
While all data over this port is protected using SSL, Rapid7 has found
that every installation of Symantec Scan Engine uses the same private
DSA key. This immutable key cannot be changed by end users and can be
extracted easily from any installation of this product.
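
A fleet audit for the condition described above, as an added example that is not part of the original advisory: given DER certificates already collected from the management port of each installation (collection is assumed and not shown), it fingerprints each SubjectPublicKeyInfo and reports any key presented by more than one host. The host names and certificate bytes are constructed; `fake_cert` is a hypothetical helper that builds certificate-shaped DER, not a real Symantec certificate.

```python
import hashlib
from collections import defaultdict

def tlv(tag, body):
    """Encode one DER element (definite length)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                     # long-form length
        k = length & 0x7F
        length = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def spki_sha256(cert):
    """SHA-256 of the SubjectPublicKeyInfo element of a DER certificate."""
    _, pos, _ = read_tlv(cert, 0)         # Certificate
    _, pos, _ = read_tlv(cert, pos)       # tbsCertificate
    tag, _, after = read_tlv(cert, pos)
    pos = after if tag == 0xA0 else pos   # skip optional [0] version
    for _ in range(5):                    # serial, sigAlg, issuer, validity, subject
        _, _, pos = read_tlv(cert, pos)
    _, _, end = read_tlv(cert, pos)
    return hashlib.sha256(cert[pos:end]).hexdigest()

def shared_keys(certs_by_host):
    """Fingerprint -> sorted hosts, only for keys presented by 2+ hosts."""
    groups = defaultdict(list)
    for host, cert in certs_by_host.items():
        groups[spki_sha256(cert)].append(host)
    return {fp: sorted(hs) for fp, hs in groups.items() if len(hs) > 1}

def fake_cert(serial, key):
    """Constructed certificate-shaped DER for the demo; not a signed cert."""
    seq = lambda *parts: tlv(0x30, b"".join(parts))
    spki = seq(seq(), tlv(0x03, b"\x00" + key))
    tbs = seq(tlv(0xA0, tlv(2, b"\x02")), tlv(2, bytes([serial])), *[seq()] * 4, spki)
    return seq(tbs, seq(), tlv(0x03, b"\x00"))

# Constructed inventory: two hosts present the same key, one does not.
SAMPLE = {"scan-a.example": fake_cert(1, b"K" * 200),
          "scan-b.example": fake_cert(2, b"K" * 200),
          "other.example": fake_cert(3, b"Q" * 200)}
```

Fingerprinting the key rather than the whole certificate still groups installations whose certificates differ in serial number or subject but wrap the same key pair.
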
This design flaw renders the SSL protection useless. A
man-in-the-middle attacker could easily intercept and decrypt all
communications between Symantec Scan Engine and an administrative