CVE-2007-1538 - Vulnerability Details - OpenCVE

McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.0022.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcafee Subscribe	Virusscan Enterprise Subscribe

Configuration 1 [-]

cpe:2.3:a:mcafee:virusscan_enterprise:8.5i:*:*:*:*:*:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html
http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html
http://www.osvdb.org/33800
http://www.securityfocus.com/archive/1/463074/100/0/threaded
http://www.securityfocus.com/archive/1/463091/100/0/threaded
http://www.securityfocus.com/archive/1/463187/100/0/threaded
http://www.securitytracker.com/id?1017791

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-20T22:00:00

Updated: 2024-08-07T12:59:08.463Z

Reserved: 2007-03-20T00:00:00

Link: CVE-2007-1538

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-03-20T22:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-1538

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-17T00:00:00", "descriptions": [{"lang": "en", "value": "McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection or (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "33800", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/33800"}, {"name": "20070319 RE: Bypassing Mcafee Entreprise Password Protection", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"}, {"tags": ["x_refsource_MISC"], "url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"}, {"name": "20070317 Bypassing Mcafee Entreprise Password Protection", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"}, {"name": "20070317 Re: Bypassing Mcafee Entreprise Password Protection", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"}, {"name": "1017791", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017791"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1538", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection or (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33800", "refsource": "OSVDB", "url": "http://www.osvdb.org/33800"}, {"name": "20070319 RE: Bypassing Mcafee Entreprise Password Protection", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"}, {"name": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html", "refsource": "MISC", "url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"}, {"name": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html", "refsource": "MISC", "url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"}, {"name": "20070317 Bypassing Mcafee Entreprise Password Protection", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"}, {"name": "20070317 Re: Bypassing Mcafee Entreprise Password Protection", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"}, {"name": "1017791", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017791"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:59:08.463Z"}, "title": "CVE Program Container", "references": [{"name": "33800", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/33800"}, {"name": "20070319 RE: Bypassing Mcafee Entreprise Password Protection", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"}, {"name": "20070317 Bypassing Mcafee Entreprise Password Protection", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"}, {"name": "20070317 Re: Bypassing Mcafee Entreprise Password Protection", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"}, {"name": "1017791", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017791"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1538", "datePublished": "2007-03-20T22:00:00", "dateReserved": "2007-03-20T00:00:00", "dateUpdated": "2024-08-07T12:59:08.463Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.5i:*:*:*:*:*:*:*", "matchCriteriaId": "AB64274E-B544-4818-BE30-906B2576AC3B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection or (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product"}, {"lang": "es", "value": "** IMPUGNADA ** McAfee VirusScan Enterprise 8.5.0.i utiliza permisos inseguros para ciertas claves del registro de Windows, lo cual permite a usuarios locales evitar la protecci\u00f3n local de contrase\u00f1as mediante el valor UIP en (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection o (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTA: este asunto ha sido impugnado por investigadores de una tercera parte, afirmando que los permisos por defecto para HKEY_LOCAL_MACHINE\\SOFTWARE no permiten la escritura y el producto no modifica los permisos heredados. Podr\u00eda haber un error de interacci\u00f3n con otro producto."}], "id": "CVE-2007-1538", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-20T22:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"}, {"source": "cve@mitre.org", "url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/33800"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017791"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/33800"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017791"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}