CVE-1999-1195 - NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update

CVE-1999-1195

Summary

NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly.

References

http://marc.info/?l=bugtraq&m=92588169005196&w=2
http://marc.info/?l=ntbugtraq&m=92587579032534&w=2
http://www.securityfocus.com/bid/169

Vulnerable Configurations

cpe:2.3:a:network_associates:virusscan:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:network_associates:virusscan:4.0.2:*:*:*:*:*:*:*

CVSS

Base:	5.1 (as of 18-10-2016 - 02:02)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

bid	169
bugtraq	19990505 NAI AntiVirus Update Problem
ntbugtraq	19990505 NAI AntiVirus Update Problem

Last major update

18-10-2016 - 02:02

Published

05-05-1999 - 04:00

Last modified

18-10-2016 - 02:02