QwikSec

Security Database

CVE

CWE

Training

CVE-2007-1538

Published: Mar 20, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

20070319 RE: Bypassing Mcafee Entreprise Password Protection

mailing-list

x_refsource_BUGTRAQ

http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html

x_refsource_MISC

http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html

x_refsource_MISC

20070317 Bypassing Mcafee Entreprise Password Protection

mailing-list

x_refsource_BUGTRAQ

20070317 Re: Bypassing Mcafee Entreprise Password Protection

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.