Search...

CVE-2000-1128

2001-01-09T05:00:00

ID CVE-2000-1128
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:22:00

Description

The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.

JSON Vulners Source

Initial Source

{"id": "CVE-2000-1128", "bulletinFamily": "NVD", "title": "CVE-2000-1128", "description": "The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse \"common.exe\" program in the C:\\Program Files directory.", "published": "2001-01-09T05:00:00", "modified": "2008-09-05T20:22:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1128", "reporter": "cve@mitre.org", "references": ["http://www.securityfocus.com/bid/1920", "http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0073.html"], "cvelist": ["CVE-2000-1128"], "type": "cve", "lastseen": "2019-05-29T18:07:37", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "957306f30d76f9dc18c61f5262ccc805"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "838ac2f8ecd119580b92e8f46209423d"}, {"key": "cpe23", "hash": "d729de9dd774baf25cf518b5260ca713"}, {"key": "cvelist", "hash": "e1091e11e26f4a12ecae0c4f67defe56"}, {"key": "cvss", "hash": "6f6410364e4cee78bd47ed1fc3d8dd5b"}, {"key": "cvss2", "hash": "4831734af99595d86671882c27d79595"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "e7865a69bd23695cf914c5cb17217cb4"}, {"key": "href", "hash": "66e787a7ac80e555a573ac69b27f7b4c"}, {"key": "modified", "hash": "4dd837b7057a28d17556a5a0cc39194f"}, {"key": "published", "hash": "eaf343a7169d9958e09a698aeda7a33f"}, {"key": "references", "hash": "6973fb1e9a9cfd408a1e84a8fc38451b"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "5b7b6de424c099bc0223bfb0d443abd2"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "91d70e4d7b1affc80b9042192c4aafa44724f43242de0fda86d9b97a3d1cd783", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:6289"]}], "modified": "2019-05-29T18:07:37"}, "score": {"value": 4.5, "vector": "NONE", "modified": "2019-05-29T18:07:37"}, "vulnersScore": 4.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:mcafee:virusscan:4.5"], "affectedSoftware": [{"name": "mcafee virusscan", "operator": "eq", "version": "4.5"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:mcafee:virusscan:4.5:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:01", "bulletinFamily": "software", "description": "## Vulnerability Description\nMcAfee VirusScan contains a flaw that may allow a malicious user to execute arbitrary code. The problem is that the default configuration of McAfee VirusScan does not quote the ImagePath variable, which improperly sets the search path. It is possible that the flaw may allow a malicious user to place an arbitrary file called \"command.exe\" in the \"C:\\Pogram Files\" directory, which could be executed with Local System privileges when the computer is rebooted, resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 4.5 Service Pack 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nMcAfee VirusScan contains a flaw that may allow a malicious user to execute arbitrary code. The problem is that the default configuration of McAfee VirusScan does not quote the ImagePath variable, which improperly sets the search path. It is possible that the flaw may allow a malicious user to place an arbitrary file called \"command.exe\" in the \"C:\\Pogram Files\" directory, which could be executed with Local System privileges when the computer is rebooted, resulting in a loss of integrity.\n## References:\nVendor URL: http://www.networkassociates.com/us/products/mcafee/end_of_life.htm\nMail List Post: http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0011&L=ntbugtraq&F=&S=&P=2187\nISS X-Force ID: 5484\n[CVE-2000-1128](https://vulners.com/cve/CVE-2000-1128)\nBugtraq ID: 1920\n", "modified": "2000-11-03T10:15:24", "published": "2000-11-03T10:15:24", "href": "https://vulners.com/osvdb/OSVDB:6289", "id": "OSVDB:6289", "type": "osvdb", "title": "McAfee VirusScan Improper ImagePath Quoting", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}