McAfee Virex 6.2/7.7 crontab library/application access control
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.0 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as problematic has been found in McAfee Virex 6.2/7.7. The affected element is an unknown function in the library library/application of the component crontab. Such manipulation leads to access control. This vulnerability is referenced as CVE-2007-1227. Furthermore, an exploit is available. The affected component should be upgraded.
Details
A vulnerability was found in McAfee Virex 6.2/7.7. It has been rated as critical. Affected by this issue is an unknown part in the library library/application of the component crontab. The manipulation with an unknown input leads to a access control vulnerability. Using CWE to declare the problem leads to CWE-264. Impacted is confidentiality, integrity, and availability. CVE summarizes:
VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
The bug was discovered 02/20/2007. The weakness was published 02/27/2007 by Kevin Finisterre (Website). The advisory is shared for download at knowledge.mcafee.com. This vulnerability is handled as CVE-2007-1227 since 03/02/2007. The attack needs to be approached locally. A simple authentication is necessary for exploitation. Technical details as well as a public exploit are known. The MITRE ATT&CK project declares the attack technique as T1068.
A public exploit has been developed by Kevin Finisterre in Perl and been published 18 hours after the advisory. The exploit is available at securityfocus.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 7 days. During that time the estimated underground price was around $5k-$25k.
Upgrading to version 7.7 eliminates this vulnerability.
The vulnerability is also documented in the databases at X-Force (32729), Exploit-DB (3386), SecurityFocus (BID 22744†), OSVDB (33797†) and Secunia (SA24337†). Similar entry is available at VDB-35359. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Vendor
Name
Version
License
Website
- Vendor: https://www.mcafee.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.8VulDB Meta Temp Score: 7.0
VulDB Base Score: 7.8
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Access controlCWE: CWE-264
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Author: Kevin Finisterre
Programming Language: 🔍
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Upgrade: Virex 7.7
Timeline
02/20/2007 🔍02/27/2007 🔍
02/27/2007 🔍
02/27/2007 🔍
02/28/2007 🔍
02/28/2007 🔍
02/28/2007 🔍
02/28/2007 🔍
02/28/2007 🔍
03/02/2007 🔍
03/02/2007 🔍
05/25/2009 🔍
03/13/2015 🔍
03/29/2025 🔍
Sources
Vendor: mcafee.comAdvisory: knowledge.mcafee.com
Researcher: Kevin Finisterre
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2007-1227 (🔍)
GCVE (CVE): GCVE-0-2007-1227
GCVE (VulDB): GCVE-100-35360
X-Force: 32729
SecurityFocus: 22744 - McAfee VirusScan Virex Insecure File Creation and Scan Bypass Vulnerabilities
Secunia: 24337
OSVDB: 33797 - McAfee VirusScan for Mac (Virex) VShieldExclude.txt Symlink Arbitrary File Permission Modification
SecurityTracker: 1017707
Vulnerability Center: 22155 - McAfee VirusScan for mac <= 7.7 Local Arbitrary code Execution with Root Privileges Vulnerability, Medium
Vupen: ADV-2007-0777
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 03/13/2015 12:16Updated: 03/29/2025 13:40
Changes: 03/13/2015 12:16 (83), 09/04/2019 17:43 (1), 03/29/2025 13:40 (16)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.