• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor Unprivileged User Permissions Log File Modification Vulnerability

An issue exists in Microsoft IIS 4.0 and Symantec Norton Internet Security 2001 which could allow an unauthorized user or process to manipulate the contents of log files.

This is due to the default file system permissions in Windows. Unprivileged users could modify the log file using a File Open Dialog with Win32 API call.

The following are the default permissions on the log files folder:

Administrators: Full Control
Everyone: Change (RWXD)
IUSR_ ComputerName : Full Control
System: Full Control