| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1577662121.20070317194434@SECURITY.NNOV.RU> Date: Sat, 17 Mar 2007 19:44:34 +0300 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: thesinoda@...mail.com Cc: bugtraq@...urityfocus.com Subject: Re: Bypassing Mcafee Entreprise Password Protection Dear thesinoda@...mail.com, Unprivileged user has no write access to HKEY_LOCAL_MACHINE\Software. This should not be an issue unless Mcafee weakens default permissions. -- ~/ZARAZA http://securityvulns.com/ One of the striking differences between a cat and a lie is that a cat has only nine lives. (Mark Twain) --Saturday, March 17, 2007, 3:13:41 AM, you wrote to bugtraq@...urityfocus.com: thc> Bug Description thc> =============== thc> Mcafee virusscan Enterprise version allow you to lock the thc> user interface using a password. A user write access windows thc> registry. thc> The password is saved in UIP under the key thc> HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection thc> Or it can be under thc> HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion
Powered by blists - more mailing lists