===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2014.0065
        A number of vulnerabilities have been identified in McAfee
                      Network Data Loss Prevention
                                3 June 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              McAfee Network Data Loss Prevention
Operating System:     Network Appliance
Impact/Access:        Denial of Service              -- Remote/Unauthenticated
                      Provide Misleading Information -- Remote with User Interaction
                      Unauthorised Access            -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2009-4565
Member content until: Thursday, July 3 2014
Reference:            ESB-2011.0186
                      ESB-2010.0396.2
                      ESB-2010.0306
                      ESB-2010.0295
                      ESB-2010.0272.2
                      ESB-2010.0246
                      ESB-2010.0096

OVERVIEW

        A number of vulnerabilities have been identified in McAfee Network
        Data Loss Prevention prior to version 9.3.2 with Hotfix
        963587_47041. [1]


IMPACT

        The vendor has provided the following details regarding these
        vulnerabilities:

        "Impact of Vulnerability:  Denial of Service
                                   Confidentiality
                                   Integrity
                                   Man-in-the-Middle Attacks
         CVE Numbers:              CVE-2009-4565" [1]

        "CVE # /        Vulnerability                          CVSS Base /
         McAfee ID                                             Temporal Score

         938810         RAR file containing infected file      7.1 / 5.9
                        cause segmentation fault DOS attack.

         921267         MySQL Injection may affect the         5.5 / 4.5
                        confidentiality and integrity of
                        the application.

         921270         Insufficient framing protection may    4.4 / 3.4
                        lead to click-jacking or
                        frame-sniffing attacks.

         CVE-2009-4565  Sendmail does not handle \0            4.3 / 3.6
         963587         character in common name field of
                        X.509 Certificate leading to Man in
                        Middle Attacks." [1]


MITIGATION

        It is recommended that administrators upgrade to version 9.3.2 and
        apply the appropriate Hotfix to correct these issues. [1]


REFERENCES

        [1] McAfee Security Bulletin McAfee Data Loss Prevention addresses
            four security issues
            https://kc.mcafee.com/corporate/index?page=content&id=SB10074

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation.  The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures.  AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================