Sign-up

ID

VAR-199912-0149


CVE

CVE-2000-0119


TITLE

Virus Scanning Recycle Bin Exclusions for Multiple Vendors

Trust: 0.6

sources: CNNVD: CNNVD-199912-076

DESCRIPTION

The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. Many commercial virus scanners for Windows platforms exclude the Recycled folder on the hard drive from their scans. The Recycled folder is where Win9x operating systems keep files that have been deleted via the GUI but not purged from the Recycle Bin. Files of any nature can be manually placed in the Recycled folder. Therefore, it is possible for any user or program to put code into that folder that will never be subject to virus scans. Although WinNT makes use of a folder called 'Recycler' for similar purposes, many virus scanners for NT still have the 'Recycled' folder listed in the exclusions. Note that other virus scanners than those listed under the 'info' tab may be vulnerable as well. document

Trust: 1.26

sources: NVD: CVE-2000-0119 // BID: 956 // VULHUB: VHN-1698

AFFECTED PRODUCTS

vendor:mcafeemodel:virusscanscope:eqversion:*

Trust: 1.0

vendor:symantecmodel:norton antivirusscope:eqversion:*

Trust: 1.0

vendor:symantecmodel:norton antivirusscope: - version: -

Trust: 0.6

vendor:symantecmodel:norton antivirusscope:eqversion:2000

Trust: 0.3

vendor:networkmodel:associates virusscan for windows nt ascope:eqversion:4.0.3

Trust: 0.3

vendor:networkmodel:associates virusscan for windows ntscope:eqversion:4.0.2

Trust: 0.3

vendor:mcafeemodel:virusscanscope:eqversion:4.0

Trust: 0.3

vendor:symantecmodel:norton antivirusscope:neversion:5.0

Trust: 0.3

vendor:symantecmodel:norton antivirus for ntscope:neversion:4.0

Trust: 0.3

vendor:cheyennemodel:inoculan for windows ntscope:neversion:4.0

Trust: 0.3

sources: BID: 956 // CNNVD: CNNVD-199912-076 // NVD: CVE-2000-0119

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-0119
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199912-076
value: HIGH

Trust: 0.6

VULHUB: VHN-1698
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2000-0119
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1698
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1698 // CNNVD: CNNVD-199912-076 // NVD: CVE-2000-0119

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0119

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-199912-076

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-199912-076

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-1698

EXTERNAL IDS
db:NVDid:CVE-2000-0119
Trust: 2.0
db:CNNVDid:CNNVD-199912-076
Trust: 0.7
db:BUGTRAQid:20000130 BYPASS VIRUS CHECKING
Trust: 0.6
db:BIDid:956
Trust: 0.4
db:SEEBUGid:SSVID-73649
Trust: 0.1
db:EXPLOIT-DBid:19733
Trust: 0.1
db:VULHUBid:VHN-1698
Trust: 0.1
sources:
            
            
            VULHUB: VHN-1698 // 
            
            
            
            BID: 956 // 
            
            
            
            CNNVD: CNNVD-199912-076 // 
            
            
            
            NVD: CVE-2000-0119

REFERENCES
url:http://marc.info/?l=bugtraq&m=94936267131123&w=2
Trust: 1.0
url:http://marc.theaimsgroup.com/?l=bugtraq&m=94936267131123&w=2
Trust: 0.6
url:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-01-29&thread=3895202f.a89c9f57@bortnak.com
Trust: 0.3
url:http://marc.info/?l=bugtraq&m=94936267131123&w=2
Trust: 0.1
sources:
            
            
            VULHUB: VHN-1698 // 
            
            
            
            BID: 956 // 
            
            
            
            CNNVD: CNNVD-199912-076 // 
            
            
            
            NVD: CVE-2000-0119

CREDITS
Originally posted to NTBugtraq by Neil Bortnak.
Trust: 0.9
sources:
            
            
            BID: 956 // 
            
            
            
            CNNVD: CNNVD-199912-076

SOURCES
db:VULHUBid:VHN-1698
db:BIDid:956
db:CNNVDid:CNNVD-199912-076
db:NVDid:CVE-2000-0119

LAST UPDATE DATE
2024-08-14T15:45:53.798000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-1698date:2016-10-18T00:00:00
db:BIDid:956date:2009-07-11T01:56:00
db:CNNVDid:CNNVD-199912-076date:2005-10-20T00:00:00
db:NVDid:CVE-2000-0119date:2016-10-18T02:06:31.247

SOURCES RELEASE DATE
db:VULHUBid:VHN-1698date:1999-12-22T00:00:00
db:BIDid:956date:1999-12-22T00:00:00
db:CNNVDid:CNNVD-199912-076date:1999-12-22T00:00:00
db:NVDid:CVE-2000-0119date:1999-12-22T05:00:00