Skip navigation

InterScan SMTP Virus Wall Opens Systems To Attack

Reported November 28, 2000 by Michael Shaffer

  • InterScan SMTP VirusWall


An issue with InterScan SMTP VirusWall, all versions, has been discovered.  During the software installation process, VirusWall uses CACLS to adjust the permissions of the destination directory to, EVERYONE:FULL CONTROL.  The installation process will also create a new share point that also has the permissions EVERYONE:FULL CONTROL.

The modification of permissions and the creation of this share could potentially leave Internet exposed machines vulnerable to other attacks. 


The vendor, InterScan has been notified and claimed to have addressed the problem in version 3.5.  Testing has proven this not to be the case.

It is recommended that administrators manually repair the permissions on the installation directory and remove the share as it seems to serve no purpose and does not effect the operation of the software.

Discovered by
Michael Shaffer

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.