Avast! Antivirus Local Insecure Permissions Vulnerability

Bugtraq ID:	17158
Class:	Design Error
CVE:
Remote:	No
Local:	Yes
Published:	Mar 04 2006 12:00AM
Updated:	Mar 21 2006 04:24PM
Credit:	toadlife disclosed this issue.
Vulnerable:	Avast Antivirus Home Edition 4.6.691 Avast Antivirus Home Edition 4.6.665 Avast Antivirus Home Edition 4.6.655 Avast Antivirus Home Edition 4.6.652 Avast Antivirus Home Edition 4.6 Avast Antivirus Home Edition 4.0
Not Vulnerable:

Avast! Antivirus Local Insecure Permissions Vulnerability

The avast! Antivirus product is prone to a local insecure-permissions vulnerability. This issue is due to the application incorrectly resetting the permissions on critical files during its periodic update process.

A local, unprivileged attacker can exploit this issue to replace critical driver files with malicious executables. This may facilitate a complete compromise of the affected computer.

This issue affects avast! 4.x versions. Other versions may also be vulnerable.

Avast! Antivirus Local Insecure Permissions Vulnerability

An exploit is not required.

Avast! Antivirus Local Insecure Permissions Vulnerability

Solution:

The vendor has reported that this issue will be addressed in an upcoming avast! update.

Avast! Antivirus Local Insecure Permissions Vulnerability

References:

• Priviledge Escalation vulnerability caused by Avast 4.x (avast!WEBforum)
  
• Re: AVG updates grant full control to Everyone, changes owner? (Broadband Reports.com)
  
• Urgent from Sybase/Financial Fusion: A possible issue exists with the Consumer B (Sybase)