McAfee ASaP Directory Traversal

Reported July 11, 2001, by [email protected]

VERSION AFFECTED

  • Any machine running McAfee ASaP with myCIO HTTP Server installed

 

DESCRIPTION
A vulnerability exists in the myCIO HTTP server that installs as part of McAfee’s ASaP virus-scanning software package. By connecting to the server running on port 6515 and requesting a specially formatted directory traversal URL, an attacker can break out of the root Web directory and view or download files on the system, provided the attacker knows the file location.

 

DEMONSTRATION 

The discoverer, [email protected], also provided the following example as proof-of-concept:

 

http://<Target IP Address>:6515/.../.../.../.../winnt/repair
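
The request above uses three-dot path segments, which a check that compares segments against exactly `..` would not match. The following detection sketch is an added example, not part of the original advisory or of any McAfee code: it flags logged requests whose path contains a segment made only of two or more dots, after percent-decoding. The log format, addresses and function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not from the advisory); the client
# addresses come from the reserved documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jul/2001:10:01:02] "GET /index.html HTTP/1.0" 200',
    '198.51.100.7 - - [12/Jul/2001:10:01:09] "GET /.../.../.../.../winnt/repair HTTP/1.0" 200',
    '198.51.100.7 - - [12/Jul/2001:10:01:15] "GET /%2e%2e%2e/%2e%2e%2e/winnt/repair HTTP/1.0" 200',
    '192.0.2.11 - - [12/Jul/2001:10:02:00] "GET /docs/v1.2/readme.txt HTTP/1.0" 200',
    '198.51.100.9 - - [12/Jul/2001:10:03:41] "GET /../../winnt/repair HTTP/1.0" 404',
]

REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')
DOTS_ONLY = re.compile(r'\.{2,}')  # "..", "...", "....", and so on


def dot_segments(raw_target, max_decodes=3):
    """Return the path segments of raw_target that consist only of 2+ dots."""
    path = raw_target.split('?', 1)[0]
    # Decode repeatedly (bounded) so double-encoded dots are also seen.
    for _ in range(max_decodes):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    # Split on both separators, since the server runs on a Windows host.
    return [s for s in re.split(r'[\\/]', path) if DOTS_ONLY.fullmatch(s)]


def flag_traversal(lines):
    """Return (line_number, client, offending_segments) per suspicious request."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a request line in the assumed format
        segs = dot_segments(m.group(1))
        if segs:
            hits.append((n, line.split(' ', 1)[0], segs))
    return hits


if __name__ == '__main__':
    for n, client, segs in flag_traversal(SAMPLE_LOG):
        print(f'line {n}: {client} requested dot-only segments {segs}')
```

Ordinary names that merely contain dots, such as `v1.2` or `readme.txt`, are not flagged because the whole segment must be dots.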

 

VENDOR RESPONSE

The vendor, McAfee, was notified on June 28, 2001. As a suitable workaround, users can run the service under a local user account (it installs using the SYSTEM account) and grant permissions accordingly.

 

CREDIT
Discovered by [email protected].
