Computer Security

McAfee Virex Virus Scan for Mac OS X symbolic links problem and protection bypass
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



McAfee Virex Virus Scan for Mac OS X symbolic links problem and protection bypass
Published:28.02.2007
Source:BUGTRAQ
SecurityVulns ID:7313
Type:local
Level:6/10
Description:Weak permissions and symbolic links problem on /Library/Application/Sypport/Virex/VShieldExecute.txt file creation.
Affected:MCAFEE : Virex 7.7
CVE:CVE-2007-1227 (VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.)
 CVE-2007-1226 (McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files.)
Original documentdocumentNetragard Security Advisories, [NETRAGARD-20070220 SECURITY ADVISORY] [McAfee VirusScan for Mac (Virex) Local root exploit and Scan Bypass] (28.02.2007)
Files:McAfee VirusScan for Mac (Virex) Local root exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru