CVE-1999-1323: Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
AI Analysis
Technical Summary
CVE-1999-1323 is a medium severity vulnerability affecting Norton AntiVirus for Internet Email Gateways (NAVIEG) version 1.0.1.7 and earlier, as well as Norton AntiVirus for MS Exchange (NAVMSE) version 1.5 and earlier. The core issue is the insecure storage of the administrator password in cleartext form. Specifically, NAVIEG stores the password in the navieg.ini configuration file, while NAVMSE stores it in the ModifyPassword registry key. This cleartext storage means that any user or attacker with access to the file system or registry on the affected system can easily retrieve the administrator password without needing to bypass encryption or other protections. The vulnerability has a CVSS score of 4.6 (medium severity) with vector AV:L/AC:L/Au:N/C:P/I:P/A:P, indicating that the attack requires local access but has low complexity and no authentication requirement. Exploiting this vulnerability could lead to partial compromise of confidentiality, integrity, and availability of the antivirus management functions, potentially allowing an attacker to disable or manipulate antivirus settings, which could facilitate further malware infections or data breaches. No patches are available for this vulnerability, and there are no known exploits in the wild. Given the age of the software versions affected (circa 1999), this vulnerability is primarily relevant to legacy systems still running these outdated Norton AntiVirus products.
Potential Impact
For European organizations, the impact of this vulnerability depends largely on whether legacy systems running these specific versions of Norton AntiVirus are still in use, particularly in email gateway or Microsoft Exchange server environments. If present, attackers with local access could retrieve administrator passwords and compromise antivirus controls, potentially allowing malware to bypass detection or removal. This could lead to increased risk of malware outbreaks, data loss, or disruption of email services. The confidentiality of sensitive information could be at risk if malware or attackers gain persistence through disabled antivirus protections. However, given the age of the vulnerability and lack of known exploits, the practical risk today is low unless legacy systems remain unpatched and in active use. Organizations relying on modern antivirus solutions are unlikely to be affected.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should:
1) Identify and inventory any legacy systems running Norton AntiVirus for Internet Email Gateways (NAVIEG) version 1.0.1.7 or earlier, and Norton AntiVirus for MS Exchange (NAVMSE) version 1.5 or earlier.
2) Upgrade or replace these legacy antivirus products with current, supported versions that do not store passwords in cleartext.
3) Restrict local access to systems running these products to trusted administrators only, minimizing the risk of unauthorized password disclosure.
4) Implement strict file system and registry permissions to protect configuration files and registry keys from unauthorized read access.
5) Monitor systems for unusual activity that could indicate antivirus tampering or malware presence.
6) If upgrading is not immediately possible, consider isolating affected systems within segmented network zones to reduce exposure.
7) Educate administrators about the risks of cleartext password storage and enforce strong password policies to reduce impact if disclosure occurs.
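The permission check in recommendation 4 can be audited with a short script. The following is an added example, not code from this page or from the vendor. The function name `Get-BroadReadAce`, the list of broad principals, and both target paths are assumptions: the page names only `navieg.ini` and `ModifyPassword`, not their full locations, so the paths are placeholders.

```powershell
# Added example: list Allow ACEs held by broad groups on the two locations
# named in CVE-1999-1323. The operator supplies the real paths.
function Get-BroadReadAce {
    param(
        [Parameter(Mandatory)] [string] $Path,   # file path or HKLM:\... key path
        [string[]] $BroadPrincipals = @(         # assumed list; adjust per environment
            'Everyone',
            'BUILTIN\Users',
            'NT AUTHORITY\Authenticated Users',
            'NT AUTHORITY\INTERACTIVE'
        )
    )
    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Not found: $Path"
        return
    }
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        # File ACEs expose FileSystemRights; registry ACEs expose RegistryRights.
        $rights = if ($ace -is [System.Security.AccessControl.RegistryAccessRule]) {
            $ace.RegistryRights
        } else {
            $ace.FileSystemRights
        }
        # Every Allow entry for a broad principal is reported; review the Rights column.
        [pscustomobject]@{
            Path      = $Path
            Principal = $ace.IdentityReference.Value
            Rights    = $rights
            Inherited = $ace.IsInherited
        }
    }
}

# Placeholders (hypothetical): replace with the real locations on the audited host.
$targets = @(
    'C:\PLACEHOLDER\navieg.ini',
    'HKLM:\SOFTWARE\PLACEHOLDER\ModifyPassword'
)
$findings = foreach ($t in $targets) { Get-BroadReadAce -Path $t }
if ($findings) {
    $findings | Format-Table -AutoSize
} else {
    Write-Output 'No Allow entries for broad principals on the audited paths.'
}
```

Principal names are matched as resolved on an English-language system; on localized hosts, or where a SID does not resolve, extend `$BroadPrincipals` accordingly.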
Affected Countries
United Kingdom, Germany, France, Italy, Spain, Netherlands
Threat ID: 682ca32cb6fd31d6ed7def78
Added to database: 5/20/2025, 3:43:40 PM
Last enriched: 7/1/2025, 6:41:18 PM
Last updated: 7/28/2025, 12:30:25 PM