多个供应商的病毒扫描回收站排除漏洞

漏洞信息详情

多个供应商的病毒扫描回收站排除漏洞

• CNNVD编号：CNNVD-199912-076
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2000-0119
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  1999-12-22
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  symantec
• 漏洞来源：
  Originally posted …

McAfee病毒扫描和Norton反病毒病毒检查程序中的默认配置存在漏洞，攻击者利用该漏洞存储未经检测的恶意代码，导致McAfee病毒扫描和Norton反病毒病毒检查程序不能检测回收站Recycled文件夹中的文件。

Remove ‘\Recycled’ from the exclusion list of you antivirus software.
Each vendor has a different mechanism for editing the exclusion list.
NAI / McAffee:
There is an ‘Exclusions’ tab in the settings. From there you can delete the entry for the ‘\Recycled folder.
Symantec NAV2000:
There is no option in the interface to remove the Recycled folder from the exclusion list. To do this, you need to use a hex editor to remove the string from the ‘exclude.dat’ file. Max Vision has created an exclude.dat file with the Recycled folder removed, it is available at:
http://www.securityfocus.com/data/vulnerabilities/patches/exclude.dat
or
http://maxvision.net/nav/exclude.dat
Note: This patch will reset all other exclusion settings to the default values. See Max Vision’s bugtraq post (linked to in the ‘credit’ section) for more information.

来源: BUGTRAQ
名称: 20000130 Bypass Virus Checking
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=94936267131123&w=2