McAfee AsAP VirusScan is a web-based antivirus service. The software allows neighbouring PCs on a network to share virus updates. In order to facilitate this service, a "McAfee Agent" process runs on each system, and hosts a small webserver which serves a limited set of files through TCP port 6515. This webserver is intentionally limited to serving files within \winnt\mycio\agent\rmrcache. However, the service is vulnerable to directory traversal attacks, allowing a remote user to successfully request files from outside this directory scope. By submitting a properly-structured URL incorporating '.../' sequences, a user can ascend from the normally permitted directory tree, and read files from any location on the host filesystem. This could allow an attacker to obtain potentially sensitive or confidential information, which, if properly exploited, could be used to further undermine security on the host.
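The root cause described above is a file-serving handler that accepts a URL path without confirming that the resolved file still lies inside the permitted directory. The following Python example, added here and not part of the advisory or of McAfee's code, shows the containment check such a handler needs: it percent-decodes the request path (repeatedly, so double encoding cannot hide a '..'), treats backslashes as separators because the host is Windows, normalises the path relative to the base directory, and rejects anything that escapes it. A second function runs the same check over a few constructed access-log lines so a defender can flag traversal attempts after the fact. The base directory mirrors the one named in the advisory; the file names, IP addresses and log format are constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

# Base directory the agent's webserver is meant to serve from (from the advisory).
# Written with forward slashes so the string-only check below works on any OS.
BASE_DIR = "/winnt/mycio/agent/rmrcache"


def resolve_request_path(base_dir: str, request_path: str):
    """Map a URL path onto a file path inside base_dir.

    Returns the normalised absolute path when the request stays inside
    base_dir, or None when it would escape (a directory traversal attempt).
    The check is purely string-based, so it runs without touching the disk.
    """
    # Decode percent-encoding until it stops changing (bounded), so that
    # '%2e%2e' and double-encoded '%252e%252e' both surface as '..'.
    decoded = request_path
    for _ in range(3):
        step = unquote(decoded)
        if step == decoded:
            break
        decoded = step
    # Drop any query string before looking at the path itself.
    decoded = decoded.split("?", 1)[0]
    # On a Windows host a backslash is also a path separator; fold it in
    # before normalising so '..\\..\\' is treated like '../../'.
    decoded = decoded.replace("\\", "/")
    # Join onto the base and collapse '.' and '..' components.
    joined = posixpath.normpath(posixpath.join(base_dir, decoded.lstrip("/")))
    base_norm = posixpath.normpath(base_dir)
    # Containment test: the result must be the base itself or live beneath it.
    if joined != base_norm and not joined.startswith(base_norm + "/"):
        return None
    return joined


# Constructed access-log lines in a common-log-style format (hypothetical;
# the agent's real log format is not described in the advisory).
SAMPLE_LOG = [
    '10.0.0.5 - - "GET /dat/scan.dat HTTP/1.0" 200',
    '10.0.0.9 - - "GET /../../../../secret.txt HTTP/1.0" 200',
    '10.0.0.9 - - "GET /%2e%2e/%2e%2e/%2e%2e/secret.txt HTTP/1.0" 200',
    '10.0.0.5 - - "GET /sub/../scan.dat HTTP/1.0" 200',
]


def request_path_from_log_line(line: str) -> str:
    """Pull the URL path out of the quoted request portion of a log line."""
    quoted = line.split('"')[1]          # e.g. 'GET /dat/scan.dat HTTP/1.0'
    return quoted.split(" ")[1]


def flag_traversal(lines, base_dir: str = BASE_DIR):
    """Return the request paths in `lines` that would escape base_dir.

    Useful for retrospective detection: any flagged line is a request the
    vulnerable server would have answered with a file outside its scope.
    """
    flagged = []
    for line in lines:
        path = request_path_from_log_line(line)
        if resolve_request_path(base_dir, path) is None:
            flagged.append(path)
    return flagged


if __name__ == "__main__":
    for path in flag_traversal(SAMPLE_LOG):
        print("traversal attempt:", path)
```

Note that a literal '.../' component, as quoted in the advisory, is not collapsed by `normpath` and so stays inside the base directory here; whatever the agent's own parser did with it, the containment test above is what prevents any decoded form from reaching files outside the served tree. On a real server the resolved path should additionally be opened with symlinks resolved (for example via `os.path.realpath`) and re-checked, since the string check alone cannot see links on disk.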