Skip navigation
Menu
Security

McAfee ASaP Directory Traversal

Reported July 11, 2001, by [email protected].

VERSION AFFECTED

 

  • Any machine running McAfee AsaP with myCIO HTTP Server installed

 

DESCRIPTION
A vulnerability exists in the myCIO HTTP server that installs as part of McAfee’s AsaP virus-scanning software package. By connecting to the server running on port 6515 and using a specially formatted directory traversal URL format, an attacker can break out of the root Web directory and view or download files on the system if the attacker knows the file location.

 

DEMONSTRATION 

The discoverer, [email protected], also provided the following example as proof-of-concept:

 

http://<Target IP Address>:6515/.../.../.../.../winnt/repair

 

VENDOR RESPONSE

The vendor, McAfee, was notified on June 28, 2001. As a suitable workaround, users can run the service under a local user account (it installs using the SYSTEM account) and grant permissions accordingly.

 

CREDIT
Discovered by [email protected].

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024
cleaning products
6 Essential Steps for Spring Cleaning Your Website
Mar 21, 2024