ID OSVDB:6289 Type osvdb Reporter Richard Fry(RichardFry@halifax.co.uk) Modified 2000-11-03T10:15:24
Description
Vulnerability Description
McAfee VirusScan contains a flaw that may allow a malicious user to execute arbitrary code. The problem is that the default configuration of McAfee VirusScan does not quote the ImagePath variable, which improperly sets the search path. It is possible that the flaw may allow a malicious user to place an arbitrary file called "command.exe" in the "C:\Pogram Files" directory, which could be executed with Local System privileges when the computer is rebooted, resulting in a loss of integrity.
Solution Description
Upgrade to version 4.5 Service Pack 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Short Description
McAfee VirusScan contains a flaw that may allow a malicious user to execute arbitrary code. The problem is that the default configuration of McAfee VirusScan does not quote the ImagePath variable, which improperly sets the search path. It is possible that the flaw may allow a malicious user to place an arbitrary file called "command.exe" in the "C:\Pogram Files" directory, which could be executed with Local System privileges when the computer is rebooted, resulting in a loss of integrity.
References:
Vendor URL: http://www.networkassociates.com/us/products/mcafee/end_of_life.htm
Mail List Post: http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0011&L=ntbugtraq&F=&S=&P=2187
ISS X-Force ID: 5484
CVE-2000-1128
Bugtraq ID: 1920
{"type": "osvdb", "published": "2000-11-03T10:15:24", "href": "https://vulners.com/osvdb/OSVDB:6289", "hashmap": [{"key": "affectedSoftware", "hash": "6f4d6ec5e45ff07ddf1c099ce6e3c2cb"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "e1091e11e26f4a12ecae0c4f67defe56"}, {"key": "cvss", "hash": "292f2e293571b0e70e3182b615982dad"}, {"key": "description", "hash": "90283c1866445cee7d75beac4fbf7e11"}, {"key": "href", "hash": "b897e02d6f1b569fb4b537e9cb818b3e"}, {"key": "modified", "hash": "b508cce0b393f69e8686d8b95707de8f"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "b508cce0b393f69e8686d8b95707de8f"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "5d45412e95e84647399890bc75537dda"}, {"key": "title", "hash": "72acb7a1ce89dfc1c8369f0de7059644"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 4.6}, "viewCount": 0, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "Richard Fry(RichardFry@halifax.co.uk)", "title": "McAfee VirusScan Improper ImagePath Quoting", "affectedSoftware": [{"operator": "eq", "version": "4.5", "name": "VirusScan"}], "enchantments": {"score": {"vector": "NONE", "value": 7.2}, "vulnersScore": 7.2}, "references": [], "id": "OSVDB:6289", "hash": "677c49b258f89e09b086ac5e359fe1011ce290fa88531a97875431e39eabcc72", "lastseen": "2017-04-28T13:20:01", "cvelist": ["CVE-2000-1128"], "modified": "2000-11-03T10:15:24", "description": "## Vulnerability Description\nMcAfee VirusScan contains a flaw that may allow a malicious user to execute arbitrary code. The problem is that the default configuration of McAfee VirusScan does not quote the ImagePath variable, which improperly sets the search path. It is possible that the flaw may allow a malicious user to place an arbitrary file called \"command.exe\" in the \"C:\\Pogram Files\" directory, which could be executed with Local System privileges when the computer is rebooted, resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 4.5 Service Pack 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nMcAfee VirusScan contains a flaw that may allow a malicious user to execute arbitrary code. The problem is that the default configuration of McAfee VirusScan does not quote the ImagePath variable, which improperly sets the search path. It is possible that the flaw may allow a malicious user to place an arbitrary file called \"command.exe\" in the \"C:\\Pogram Files\" directory, which could be executed with Local System privileges when the computer is rebooted, resulting in a loss of integrity.\n## References:\nVendor URL: http://www.networkassociates.com/us/products/mcafee/end_of_life.htm\nMail List Post: http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0011&L=ntbugtraq&F=&S=&P=2187\nISS X-Force ID: 5484\n[CVE-2000-1128](https://vulners.com/cve/CVE-2000-1128)\nBugtraq ID: 1920\n"}
{"cve": [{"lastseen": "2016-09-03T02:49:54", "references": ["http://www.securityfocus.com/bid/1920", "http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0073.html"], "description": "The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse \"common.exe\" program in the C:\\Program Files directory.", "edition": 1, "reporter": "NVD", "published": "2001-01-09T00:00:00", "title": "CVE-2000-1128", "type": "cve", "enchantments": {"score": {"modified": "2016-09-03T02:49:54", "vector": "NONE", "value": 2.1}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2000-1128"], "scanner": [], "cpe": ["cpe:/a:mcafee:virusscan:4.5"], "modified": "2008-09-05T16:22:43", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-1128", "id": "CVE-2000-1128", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
