Bugtraq: Re: Bypassing Mcafee Entreprise Password Protection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Bypassing Mcafee Entreprise Password Protection

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Sat, 17 Mar 2007 19:44:34 +0300

Dear thesinoda () hotmail com,

 Unprivileged  user  has no write access to HKEY_LOCAL_MACHINE\Software.
 This should not be an issue unless Mcafee weakens default permissions.

-- 
~/ZARAZA http://securityvulns.com/
One of the striking differences between a cat and a lie is
that a cat has only nine lives. (Mark Twain)


--Saturday, March 17, 2007, 3:13:41 AM, you wrote to bugtraq () securityfocus com:


thc> Bug Description
thc> ===============
thc> Mcafee virusscan Enterprise version allow you to lock the
thc> user interface using a password. A user write access windows
thc> registry.

thc> The password is saved in UIP under the key
thc> HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection

thc> Or it can be under

thc> HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion

By Date By Thread

Current thread:

Bypassing Mcafee Entreprise Password Protection thesinoda (Mar 17)
- Re: Bypassing Mcafee Entreprise Password Protection 3APA3A (Mar 17)
  - RE: Bypassing Mcafee Entreprise Password Protection Rogheden Anders (Mar 19)