First published: Thu Jun 08 2000(Updated: )
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
McAfee VirusScan Plus | =4.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2000-0502 is classified as a moderate severity vulnerability affecting McAfee VirusScan 4.0.3.
To resolve CVE-2000-0502, ensure that access controls are properly implemented to restrict local user access to the alert text file.
CVE-2000-0502 affects local users of McAfee VirusScan version 4.0.3 who can modify alerts before they are sent to the Central Alert Server.
The potential impact of CVE-2000-0502 is that local users can alter alert messages, which may lead to confusion or misinformation from the Central Alert Server.
As of the last update, there is no specific patch for CVE-2000-0502, but it is recommended to update to the latest version of McAfee VirusScan.