| Title | MicroWorld Escan Antivirus on Linux 7.0.32 Incorrect Default Permissions |
|---|
| Description | Installation process from .deb file of Escan Antivirus on Linux has writable database folders by default. These writable folders have engine's databases. Unprivileged user can:
- Delete signatures database, causing Deinal of Service attack.
- Overwrite engine libraries with malicious file, causing Privilege Escalation attack form unprivileged user. |
|---|
| Source | ⚠️ https://github.com/hawkteam404/RnD_Public/blob/main/escan_incorrect_default_perm.md |
|---|
| User | FPT IS Security (UID 72751) |
|---|
| Submission | 12/25/2024 09:32 AM (2 months ago) |
|---|
| Moderation | 01/08/2025 12:59 PM (14 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 290780 [MicroWorld eScan Antivirus 7.0.32 on Linux Installation /opt/MicroWorld/var/ default permission] |
|---|
| Points | 18 |
|---|