Home > Security News > Highly critical McAfee flaws patched
Security News:
EMAIL THIS

Highly critical McAfee flaws patched

By Shawna McAlearney, News Editor
18 Mar 2005 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

McAfee Inc. recommends immediately updating the virus scanning engine of a dozen older versions of its products to correct a highly critical flaw that could allow a remote attacker to gain system access. This is the fifth time in recent months that serious flaws have been revealed in the widely used virus-scanner.

The Santa Clara, Calif.-based company said, "McAfee customers operating on a previous version of the McAfee VirusScan Scan Engine [version 4320] are susceptible to a buffer overrun when scanning LHA files, which could potentially lead to a compromised PC."

Internet Security Systems' X-Force
More on patch management

Products of the Year: Patch management
Information Security magazine unveils the best patch management products of 2004.

Check out more articles and tips on patch management.
discovered the flaws and said that by crafting an LHA file, an attacker is able to trigger a stack overflow within the process importing the McAfee AntiVirus Library, which is critical to providing antivirus for desktop, server and gateway systems.

"Compromise of antivirus protected networks and machines may lead to exposure of confidential information, loss of productivity and further network compromise," ISS said in an advisory. "Implementations of McAfee AntiVirus Library are likely vulnerable through common protocols, e.g. SMTP, HTTP, FTP and SMB. It is likely McAfee AntiVirus Library implementations are vulnerable in their default configurations."

Affected products include:

  • Active Mail Protection
  • Active Threat Protection
  • Active Virus Defense SMB Edition
  • Active VirusScan SMB Edition
  • GroupShield 6.x for Microsoft Exchange
  • GroupShield for Exchange 2000 5.x
  • GroupShield for Exchange 5.5 v4.x
  • GroupShield for Exchange 5.5 v5.x
  • GroupShield for Lotus Domino on AIX 5.x
  • GroupShield for Lotus Domino on Windows 5.x
  • GroupShield for Mail Servers with ePO
  • LinuxShield 1.x
  • Managed VirusScan
  • Netshield for Netware 4.x
  • PortalShield for Microsoft SharePoint
  • SecurityShield for Microsoft ISA Server
  • Virex
  • VirusScan 4.x
  • VirusScan 8.x/2004
  • VirusScan 9.x/2005
  • VirusScan Command Line
  • VirusScan Enterprise 8.x
  • VirusScan NetApp
  • VirusScan Professional 7.x
  • WebShield SMTP 4.x

McAfee recommends applying the latest .dat files and updating to AV scanning engine version 4400.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts