Hi,
I just figured out, that eScan Corp creates a pub folder on the server including some sub-folders with shares. A couple of them are configured with all access to every user - including full ntfs permission to everyone! In other words: everyone who knows the hidden share-name is able to view:
-AVX
-DEPLOY
-LOG
I'm not sure of it's possible that a user with some knowledge is able to do changes on policies, changing eScan admin passwords etc etc etc... I don't want to think any further about this...
Kind regards,
Henning
eScan - Antivirus & Content Security Forum
Antivirus, Content Security & Firewall Software.
everyone has access to PUB-Folder
Moderators: Divesh, Gurdip Singh
2 posts
• Page 1 of 1
everyone has access to PUB-Folder
by Henning » Mon Sep 27, 2010 12:39 pm
- Henning
- Posts: 55
- Joined: Thu Sep 10, 2009 2:41 pm
by vineeth » Mon Sep 27, 2010 6:04 pm
Hello,
With reference to your query regarding the shared folder access on the eScan server , the mentioned folders are used by the eScan client systems and hence need to have specific rights inorder to download the updates and upload thier respective log files.
Regarding the query about a user being able to make changes to the deployed policies on these shared folders, download and install the eScan hotfix from the below link on the eScan server .
A new feature i.e. self-protection has been added wherein users won't be able to make any changes on the files in the shared folder.
Link for Hotfix 1.0.0.823
http://download1.mwti.net/download/hotf ... patch1.exe
Please reboot the system once after installing the hotfix.
The hotfix has not been released yet and has been provided to you on a temporary link.It will be made availlable globally in some time.
Kindly revert back in case you have any more queries.
With reference to your query regarding the shared folder access on the eScan server , the mentioned folders are used by the eScan client systems and hence need to have specific rights inorder to download the updates and upload thier respective log files.
Regarding the query about a user being able to make changes to the deployed policies on these shared folders, download and install the eScan hotfix from the below link on the eScan server .
A new feature i.e. self-protection has been added wherein users won't be able to make any changes on the files in the shared folder.
Link for Hotfix 1.0.0.823
http://download1.mwti.net/download/hotf ... patch1.exe
Please reboot the system once after installing the hotfix.
The hotfix has not been released yet and has been provided to you on a temporary link.It will be made availlable globally in some time.
Kindly revert back in case you have any more queries.
With Regards,
Vineeth K.
eScan
Web site: www.escanav.com
Technical Support Website:- http://support.mwti.net/support
Vineeth K.
eScan
Web site: www.escanav.com
Technical Support Website:- http://support.mwti.net/support
- vineeth
- Posts: 114
- Joined: Fri Feb 22, 2008 7:19 pm
- Location: Mumbai
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 13 guests