McAfee plugs flaw |
 |
By SearchSecurity.com Staff
10 Jan 2008 | SearchSecurity.com |
|
|
A flaw in McAfee's E-Business Server could be exploited to cause a DoS attack or compromise a vulnerable system.
The vulnerability affects versions 8.5.2 and prior on Microsoft Windows, according to an advisory issued by Danish vulnerability clearinghouse, Secunia.
Secunia rated the vulnerability "moderately critical" because it can only be exploited from a local network.
McAfee encouraged customers to upgrade to version 8.5.3.
"When the server processes this malicious traffic, the service will interrupt normal functioning of the server and may execute code with the same privileges as the LOCAL_SYSTEM service," McAfee said in its advisory.
McAfee said correctly defined firewall configurations greatly reduces the risk of the issue.
The flaw was discovered by Leon Juranic of Croatian-based security firm, Infigo.
|
