Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

mcaffee.mycio.traversal.txt

🗓️ 12 Jul 2001 00:00:00Reported by Ade245Type 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 29 Views

High risk directory traversal vulnerability in McAfee ASaP VirusScan allows unauthorized file access.

Code
`----- Begin Hush Signed Message from [email protected] -----  
  
-=[ SECURITY ADVISORY ]=-   
  
  
  
McAfee ASaP Virusscan - myCIO HTTP Server Directory Traversal Vulnerabilty  
  
  
  
Date: 28 June 2001  
  
Impact: HIGH  
  
Affected: Any machine running the McAfee Agent ASaP VirusScan Software  
  
Tested on: NT Workstation 4.0, 2000 Professional   
  
  
Overview  
--------  
  
McAfee ASap Virusscan is a Web-based, managed and updated Anti-Virus Service   
for the Desktop Environment. On setup agent software is installed on the   
client machine. This software incorporates what is known as "Rumour Technology"   
that facilitates in the transfer of virus definitions between neigbouring   
machines. This agent software runs as a service ("McAfee Agent") under   
the local system account and uses a light weight HTTP server that listens   
on port 6515.   
  
  
Description   
-----------  
  
This web server is restricted to serve files that are located under \winnt\mycio\agent\rmrcache   
, however it is possible to break out of this by using a specially formatted   
directory traversal URL. This means that an attacker can connect to the   
webserver and view and/or download any file that resides on the target box.   
Due to the fact that the service is running as local system NTFS permissions   
are redundant.  
  
  
Example  
-------  
  
To view the contents of WinNT/Repair enter the following URL into a web   
browser:  
  
  
HTTP://<Target IP Address>:6515/.../.../.../.../winnt/repair  
  
  
  
Workaround  
----------  
  
Disable the McAfee Agent service or alternatively run it under a local user   
account and set the NTFS permissions accordingly.  
  
  
Notes  
-----  
  
McAfee where notified of this issue 28-June-2001  
  
  
  
  
  
----- Begin Hush Signature v1.3 -----  
CqnHbxr849s+SIAlsEWQMkOyxzMYI0IxAT3Iu/barfSw92Cf5YKbosXkv8qdeNDKSUkS  
2R69rXhvAaDngmcreEcOvFZRrGQ1EWyQdczKYceg4sphiNwhRYYqbYWYPkhJyfMP4+Be  
MmfYg4runAF62i8PCzSqUgnQMAuFG3bWb4XFFwDbGIwREX7OIc6KFc3Xd7Cc3+k4VVgs  
/LUxchUhlKhWUDyCKbI76dfGyXW9+ulLKyjj8LwMaiq5iq6w3pqlkF12T/b4B9B3FCOW  
vLxjUlfS9H4si80WA4acwzpe+g0y6ffe7H4nQqcd6bJbQkwzjL3vQH/eNAVFvnEYQCxZ  
WVS7CubjbQGHWFclZBDfSHl2QOC+u9dC+fM17T6NZnoIIEwOpe6U5eQLGw16hyJY2G/9  
LlQAsYIQ5k8g6Ox5Of6lv8LLXmq4ZEqI0Gd8Bs7cy4WYttsYkyIAMyB0tGYoAIMKL0oo  
7VYt05ecR7XDHOvXUAaLeKjOBYXl6a3+A73roR84lH/A  
----- End Hush Signature v1.3 -----  
  
  
This message has been signed with a Hush Digital Signature.   
To verify the signature, please go to www.hush.com/tools  
  
  
Free, encrypted, secure Web-based email at www.hushmail.com  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Jul 2001 00:00Current
7.4High risk
Vulners AI Score7.4
mcafee asap virusscandirectory traversal vulnerabilityunauthorized file accesshigh impactworkaround solutions.
29