Reported July 11, 2001, by [email protected]
Any machine running McAfee AsaP with myCIO HTTP Server installed
A vulnerability exists in the myCIO HTTP server that installs as part of McAfee’s AsaP virus-scanning software package. By connecting to the server running on port 6515 and using a specially formatted directory traversal URL format, an attacker can break out of the root Web directory and view or download files on the system if the attacker knows the file location.
The discoverer, [email protected], also provided the following example as proof-of-concept:
http://<Target IP Address>:6515/.../.../.../.../winnt/repair
The vendor, McAfee, was notified on June 28, 2001. As a suitable workaround, users can run the service under a local user account (it installs using the SYSTEM account) and grant permissions accordingly.
Discovered by [email protected].