CVE-2000-1106

Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/2014	Exploit Patch Vendor Advisory
http://www.securityfocus.com/archive/1/147563	Patch Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2000-12/0016.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/5606

Configurations

Configuration 1 (hide)

cpe:2.3:a:trend_micro:interscan_viruswall:*:*:*:*:*:*:*:*

Information

Published : 2001-01-08 21:00

Updated : 2017-10-09 18:29

NVD link : CVE-2000-1106

Mitre link : CVE-2000-1106

JSON object : View

CWE

NVD-CWE-Other

Products Affected

trend_micro

interscan_viruswall

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/2014", "name": "2014", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.securityfocus.com/archive/1/147563", "name": "20001128 TrendMicro InterScan VirusWall shared folder problem", "tags": ["Patch", "Vendor Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0016.html", "name": "20001201 Responding to BugTraq ID 2014 - \"Trend Micro InterScan VirusWall Shared Directory Vulnerability\"", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5606", "name": "interscan-viruswall-unauth-access(5606)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Trend Micro InterScan VirusWall creates an \"Intscan\" share to the \"InterScan\" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2000-1106", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2001-01-09T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:trend_micro:interscan_viruswall:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.4"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-10-10T01:29Z"}

4.6 /10