Vulnerabilities > CVE-2006-1649 - Unspecified vulnerability in Eset Software Nod32 Antivirus
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN eset-software
nessus
Summary
The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
| NASL family | Windows |
| NASL id | NOD32_LOCAL_FILE_CREATION.NASL |
| description | The installed version of NOD32 reportedly allows a local user to restore a malicious file from NOD32 |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 21609 |
| published | 2006-05-27 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/21609 |
| title | NOD32 Antivirus Restore To Feature Local File Creation |
References
- http://www.securityfocus.com/bid/17374
- http://secunia.com/advisories/19054
- http://securitytracker.com/id?1015867
- http://www.osvdb.org/24393
- http://securityreason.com/securityalert/672
- http://www.vupen.com/english/advisories/2006/1242
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25640
- http://www.securityfocus.com/archive/1/429892/100/0/threaded