Spoofing McAfee VirusScan Alerts

 
Spoofing McAfee VirusScan Alerts
Reported June 8 by
Harry Schmillson

VERSIONS EFFECTED
  • McAfee VirusScan 4.03

DESCRIPTION

By default, VirusScan uses a shared network directory for storing inbound alerts. The directory allows all VirusScan users to read, write and delete files in the shared directory.

Because of the loose directory permissions and alert files that are  formatted in plain text, valid virus alerts could be deleted and bogus alerts could be spoofed.

VENDOR RESPONSE

The vendor is aware of this problem however no response was known at the time of this writing.

CREDITS
Discovered and reported by Harry Schmillson

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish