Required CVE Record Information
Description
Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll.
References 3 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- securityfocus.com: 19980611 Cheyenne Inoculan vulnerability on NT mailing-listx_transferred
- securityfocus.com: 106 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: inoculan-bad-permissions(1536) vdb-entryx_transferred