NOD32 < 2.51.26 Antivirus Local File Overwrite
High Nessus Network Monitor Plugin ID 3503
SynopsisThe remote antivirus software can be tricked by local users into replacing system files.
DescriptionThe remote host is running the NOD32 antivirus software. This software is vulnerable to a flaw where local users can execute arbitrary code by quarantining a file and then 'restoring' the file in such a manner that, when next executed, the file is run with SYSTEM privileges.
SolutionUpgrade to version 2.51.26 or higher.