McAfee MyCIO Directory Traversal Network Vulnerability

Summary

The remote host runs McAfee's myCIO HTTP Server, which is vulnerable to Directory Traversal. A security vulnerability in the product allows attackers to traverse outside the normal HTTP root path, and this exposes access to sensitive files.

Solution

Configure your firewall to block access to this port (TCP 6515). Use the Auto Update feature of McAfee's myCIO to get the latest version.

Severity

Classification

CVE CVE-2001-1144
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Misconfigured Gnutella
IlohaMail Arbitrary File Access via Language Variable
Music Daemon Denial of Service
Use LDAP search request to retrieve information from NT Directory Services
Avotus mm File Retrieval attempt

McAfee myCIO Directory Traversal

Take action and discover your vulnerabilities