Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.Referenceshttp://online.securityfocus.com/archive/1/258293http://marc.info/?l=bugtraq&m=101529792821615&w=2http://www.iss.net/security_center/static/8305.phphttp://www.securityfocus.com/bid/4181
