lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 17 Mar 2007 00:13:41 -0000 From: thesinoda@...mail.com To: bugtraq@...urityfocus.com Subject: Bypassing Mcafee Entreprise Password Protection Date : 03/16/2007 URL: http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html Affected Product / OS ===================== Product Name and Version: McAfee VirusScan Entreprise 8.5.0.i maybe older version too. Tested on OS: Windows XP, 2003 Bug Type ======== Type: Bad Design Bug Results =========== Bypass Password Protection Bug Description =============== Mcafee virusscan Enterprise version allow you to lock the user interface using a password. A user write access windows registry. The password is saved in UIP under the key HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection Or it can be under HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion If you remove the value of the UIP you will end up bypassing the password. You can replace the value if you wish too with a known value, but why bother when you can remove the password. I think this type of protection is not too secure. Proof-Of-Concept ================ http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html Peace to you all
Powered by blists - more mailing lists