InocuLAN creates a directory writable by everyone
| inoculan-bad-permissions (1536) |  High Risk |
Description:
Cheyenne Inoculan creates a shared directory that is writable by anyone. This directory's initial purpose was to aid in automatic updates for Inoculan. However, it is possible for an attacker to place a trojan program into the directory; the trojan program will then be executed by Inoculan.
Consequences:
Gain Privileges
Remedy:
Apply the latest service pack for Inoculan (Service Pack 2A or later), available from the Inoculan Patches Page. See References.
— OR —
Upgrade to Computer Associates' InoculateIT. See References.
References:
- BugTraq Mailing List, Thu, 11 Jun 1998 17:48:16 -0400: Cheyenne Inoculan vulnerability on NT.
- Computer Associates, Inc. Web site: InoculateIT.
- BID-106: Cheyenne InocuLAN Windows NT Share Vulnerability
- CVE-1999-1555: Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with EVERYONE FULL CONTROL permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll.
Platforms Affected:
- CA Inoculan 4.0
Reported:
Jun 11, 1998
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net