Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2015.0089.2 A vulnerability has been identified in McAfee Agent prior to version 5.0.2 21 September 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: McAfee Agent Operating System: Windows Linux variants OS X Impact/Access: Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-7237 Member content until: Thursday, October 8 2015 Revision History: September 21 2015: CVE reference added September 8 2015: Initial Release OVERVIEW A vulnerability has been identified in McAfee Agent prior to version 5.0.2. [1] IMPACT The vendor has provided the following details regarding the vulnerability: "This McAfee Agent patch addresses a vulnerability in the remote log viewing functionality where the inputs passed to the URL were not completely validated." [1] "This vulnerability is encountered only if the following two conditions are met. Please note that these are not enabled by default: The McAfee Agent remote log viewing functionality is enabled. Access to remote logs is not restricted to ePO administrators. If both of the above conditions are satisfied, a malicious user can pass unexpected inputs to McAfee Agent using the URL." [11 MITIGATION The vendor recommends users update to the latest version of McAfee Agent to correct these issues. [1] REFERENCES [1] Intel Security - Security Bulletin: McAfee Agent patch fixes a vulnerability in its remote log viewing functionality https://kc.mcafee.com/corporate/index?page=content&id=SB10130 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVf+EKX6ZAP0PgtI9AQL6KRAAv2P6rKAvsr7a2vUvndDJHwA+sACA4VvQ xX/fyx0IJgnE9S2dnUKkJX2xZ4B3XKHlE/PGowi4LPdV8D7/EaNesETkMZUZQxra sWdyXUKob+NeUjuibPCcK2wJemJNY1FUnwEMZFcgBk6Odlr9PYGMqb71JwsWGKlw 3mF+l7fG6/H3nWAYau3Yqws8MAocwL/RF4Hp2MQK1z5iIh/q7kxTt+guV98020Wk x2IKvJvvjWbDk4drgCECC3N4JCo40sm7MXEIIkvoW8b4Iqb6+RKYX4klE2Wcgr9y h4ngdVotIQyOM2BppLnVam4YoZ/0/l7fjdL93qhkNPLWRNWHMOxqvTPeIoXl2hJK PCoiLaYp7T9H5IopIJ43tWkApp6BjN7xosLjMlMZhuSBib6NuGIjMa9lc7Dj2ukL TtepGvKs0dKz8/jd55y0O6M3+T3Nq12qrPAiBgrhiJTcBi9+xrSYcqyR7B/YLU3r hdsJMY4ItLnpu1iWS/c2lmGSojrpaqfzVKjZpOpxmkp4r9fMsey3pOJUsEhW+2oX jPRywhwmf7/XeRwopnnT16E+6FZJdqVMw4iK/kWUWCZ+EKExAtlDiq9P5k35itS1 E6+SiGLvKrKVSoTxgT17ACTrm6j9YLfQc9zyREoT8eBWCmjYKefQYGzyOqHsYU68 Nmzve8x5o9k= =jq35 -----END PGP SIGNATURE-----