| Titel | MicroWorld Escan Antivirus on Linux 7.0.32 Incorrect Default Permissions |
|---|
| Beschreibung | Installation process from .deb file of Escan Antivirus on Linux has writable database folders by default. These writable folders have engine's databases. Unprivileged user can:
- Delete signatures database, causing Deinal of Service attack.
- Overwrite engine libraries with malicious file, causing Privilege Escalation attack form unprivileged user. |
|---|
| Quelle | ⚠️ https://github.com/hawkteam404/RnD_Public/blob/main/escan_incorrect_default_perm.md |
|---|
| Benutzer | FPT IS Security (UID 72751) |
|---|
| Einreichung | 25.12.2024 09:32 (vor 1 Jahr) |
|---|
| Moderieren | 08.01.2025 12:59 (14 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 290780 [MicroWorld eScan Antivirus 7.0.32 auf Linux Installation /opt/MicroWorld/var/ erweiterte Rechte] |
|---|
| Punkte | 18 |
|---|