EUVD-2006-0985

Malware in sbrugna...

McAfee VirusScan for Mac (Virex) <= 7.7 - Local Root Exploit

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Following symlinks is bad mmmmmmmmmmkay! $dest = /var/cron/tabs/root; $tgts0 = Virex 7.7.dmg:/Library/Application Support/Virex/VShieldExclude.txt\ ; unless $target = @ARG...

Unfixed XSS vulnerability at www.ballroom-hamburg.de

Security researcher .virex, has submitted on 12/04/2008 a cross-site-scripting XSS vulnerability affecting www.ballroom-hamburg.de, which at the time of submission ranked 2574989 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/04/2008. It is...

Netragard Security Advisory 2007-02-20

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard, L.L.C Advisory Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." POSTING NOTICE - ----------------------------------------------------------------------- If you...

CVE-2007-1227

VShieldCheck in McAfee VirusScan for Mac Virex before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands...

CVE-2007-1226

McAfee VirusScan for Mac Virex before 7.7 patch 1 has weak permissions 0666 for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files...

CVE-2007-1226

McAfee VirusScan for Mac Virex before 7.7 patch 1 has weak permissions 0666 for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files...

CVE-2007-1226

McAfee VirusScan for Mac Virex before 7.7 patch 1 has weak permissions 0666 for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files...

CVE-2007-1226

CVE-2007-1226 affects McAfee VirusScan for Mac (Virex) prior to 7.7 patch 1, where /Library/Application Support/Virex/VShieldExclude.txt has weak permissions (0666). Local users could modify the exclude list and cause Virex to skip scanning of arbitrary files, impacting confidentiality/integrity/...

CVE-2007-1227

CVE-2007-1227 affects McAfee VirusScan for Mac (Virex) prior to 7.7 patch 1. The issue is a local privilege escalation via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, allowing a local user to change permissions of arbitrary files by symlinking to a sensitive target ...

McAfee VirusScan for Mac (Virex) 7.7 - Local Privilege Escalation

McAfee VirusScan for Mac Virex 7.7 - Local Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Following symlinks is bad mmmmmmmmmmkay! $dest = "/var/cron/tabs/root"; $tgts"0" = "Virex 7.7.dmg:"/Library/Application...

McAfee Virex Virus Scan for Mac OS X symbolic links problem and protection bypass

Weak permissions and symbolic links problem on /Library/Application/Sypport/Virex/VShieldExecute.txt file creation...

McAfee VirusScan for Mac (Virex) <= 7.7 Local Root Exploit

Exploit for macOS platform in category local exploits ========================================================== McAfee VirusScan for Mac Virex \n\nTargets:\n\n"; foreach $key sortkeys %tgts $a,$b = split/:/,$tgts"$key"; print "\t$key . $a\n"; print "\n"; exit 1; $a,$b = split/:/,$tgts"$target";...

McAfee VirusScan for Mac (Virex) &lt;= 7.7 Local Root Exploit

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Following symlinks is bad mmmmmmmmmmkay! $dest = "/var/cron/tabs/root"; $tgts"0" = "Virex 7.7.dmg:"/Library/Application Support/Virex/VShieldExclude.txt" "; unless $target...

[NETRAGARD-20070220 SECURITY ADVISORY] [McAfee VirusScan for Mac &#40;Virex&#41; Local root exploit and Scan Bypass]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Netragard, L.L.C Advisory Strategic Reconnaissance Team ------------------------------------------------ http://www.netragard.com -- "We make I.T. Safe." POSTING NOTICE - ----------------------------------------------------------------------- If you...

McAfee VirusScan for Mac (Virex) 7.7 - Local Privilege Escalation

!/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom Following symlinks is bad mmmmmmmmmmkay! $dest = "/var/cron/tabs/root"; $tgts"0" = "Virex 7.7.dmg:"/Library/Application Support/Virex/VShieldExclude.txt" "; unless $target = @ARGV print "\n\nUsage: $0...

McAfee Virex fails to properly authenticate the source of updates

Overview McAfee Virex automatic updates may not properly authenticate the source of updates. This may allow a remote attacker to execute arbitrary commands on a vulnerable system. Description McAfee Virex is anti-virus software for the Mac OS X platform. McAfee Virex 7 for Mac OS X connects to a...

CVE-2006-0982

The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate when malicious content is accessed from the web browser, and might not prevent the content from being saved, which allows remote attackers to bypass virus protection, as demonstrated using the EICA...

Design/Logic Flaw

The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate when malicious content is accessed from the web browser, and might not prevent the content from being saved, which allows remote attackers to bypass virus protection, as demonstrated using the EICA...

CVE-2006-0982

The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate when malicious content is accessed from the web browser, and might not prevent the content from being saved, which allows remote attackers to bypass virus protection, as demonstrated using the EICA...