Alerte pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
Informations
Metrics
| Metric | Score | Sévérité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 7.2 | AV:L/AC:L/Au:N/C:C/I:C/A:C | [email protected] |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
EPSS Score
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
EPSS Percentile
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 19733
Date de publication : 1999-12-21 23:00 +00:00
Auteur : Neil Bortnak
EDB Vérifié : Yes
McAfee VirusScan 4.0,Network Associates VirusScan for Windows NT 4.0.2/4.0.3 a,Symantec Norton AntiVirus 2000 Recycle Bin Exclusion Vulnerability
source: https://www.securityfocus.com/bid/956/info
Many commercial virus scanners for Windows platforms exclude the Recycled folder on the hard drive from their scans. The Recycled folder is where Win9x operating systems keep files that have been deleted via the GUI but not purged from the Recycle Bin. Files of any nature can be manually placed in the Recycled folder. Therefore, it is possible for any user or program to put code into that folder that will never be subject to virus scans.
Although WinNT makes use of a folder called 'Recycler' for similar purposes, many virus scanners for NT still have the 'Recycled' folder listed in the exclusions.
Note that other virus scanners than those listed under the 'info' tab may be vulnerable as well.
This exploit will install a 'decoy' executable to the desktop, and install a file (winsetup.dll) containing an eicar.com virus signature into the Recycled folder. The hostile code is originally XORed with 25 to get it past active detection, but is then restored to its regular executable state after being placed into the recycled folder.
The zip file contains the executable exploit, and source for the installer and the decoy.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19733.zip
Products Mentioned
Configuraton 0
Mcafee>>Virusscan >> Version *
- Mcafee>>Virusscan >> Version - (Open CPE detail)
- Mcafee>>Virusscan >> Version 4.0.3 (Open CPE detail)
- Mcafee>>Virusscan >> Version 4.4 (Open CPE detail)
- Mcafee>>Virusscan >> Version 4.5 (Open CPE detail)
- Mcafee>>Virusscan >> Version 4.5.1 (Open CPE detail)
- Mcafee>>Virusscan >> Version 7.0 (Open CPE detail)
- Mcafee>>Virusscan >> Version 8.0.0 (Open CPE detail)
- Mcafee>>Virusscan >> Version 10.0.27 (Open CPE detail)
Symantec>>Norton_antivirus >> Version *
- Symantec>>Norton_antivirus >> Version - (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 1.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 2.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 2.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 2.5 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 2.18_build_83 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 5.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.0.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.0.1.501 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.0.825a (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.319 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.319 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.323 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.323 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.329 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.329 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.366 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1.377 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.1.1_build8.1.1.314a (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.434 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.434 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.437 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.437 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.446 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.446 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.457 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.457 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.460 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.460 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.464 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.464 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.471 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 8.01.471 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.0.338 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.1.1.1000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.1.1000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.2 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.2.1000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.3 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.3.1000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.4 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.4 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.4 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.5 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.5.1100 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 9.0.6.1000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.0 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.0.359 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.1.1000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.1.1007 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.1.1008 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2000 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2001 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2002 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2010 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2011 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2020 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.0.2.2021 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 10.1 (Open CPE detail)
- Symantec>>Norton_antivirus >> Version 2004 (Open CPE detail)
References
2024©
tesweb SA
