This update resolves an issue discovered while running password-protected commands in McAfee Application Control / Change Control 5.1.x / 6.0.0. A hotfix is available to mitigate the issue where the user is not prompted for the password while running password protected commands.
This flaw is encountered if the user sets certain attributes of the client password file to prevent the sadmin command execution. This overrides the prevention mechanism and the user is not prompted for the password while running any of the password-protected commands. Specifically, this flaw is encountered if the <install dir>\solidcore\passwd file attribute is set as read-only.
This flaw requires access to the local computer to set the attribute of the passwd file to read-only. It is therefore considered a local-only attack, although if remote drive access is enabled, the files can be accessed remotely.
I read the recent hotfix released for the SC agent SB10023. Is it saying if you change the file attributes to read-only on the password file you can run password only commands without being prompted??
Message was edited by: ungert on 5/4/12 9:49:32 AM CDT