Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0062 Multiple vulnerabilities affecting McAfee Agent 28 February 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: McAfee Agent Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Existing Account Resolution: None CVE Names: CVE-2019-3599 CVE-2019-3598 Member content until: Saturday, March 30 2019 OVERVIEW Multiple vulnerabilities affecting McAfee Agent has been resolved for version 5.6.0, 5.5.x, and 5.0.x. [1][2] IMPACT McAfee has provided the following information on the vulnerabilities. "CVE-2019-3599 Information Disclosure vulnerability in remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access "[1] "CVE-2019-3598 Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a partial denial-of-service via specifically crafted UDP packets. "[2] MITIGATION McAfee advises updating to McAfee Agent 5.6.0 to address these vulnerabilities. [1][2] "Update to McAfee Agent (MA) 5.6.0 Hotfix 1264214 (HF1264214) " REFERENCES [1] McAfee Security Bulletin - McAfee Agent update fixes an Information Disclosure vulnerability (CVE-2019-3599) (SB10271) https://kc.mcafee.com/corporate/index?page=content&id=SB10271 [2] McAfee Security Bulletin - McAfee Agent update fixes a vulnerability in handling UDP requests (CVE-2019-3598) (SB10272) https://kc.mcafee.com/corporate/index?page=content&id=SB10272 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXHc1iGaOgq3Tt24GAQg9dw/8COuhf3fGAr2rA3kSnW68OAnr8+usIGjt AwnxXaNJUxIeLsExjXf6S8dYxp9I505eovAvvgQG7530yaXCQ8YAwvVe82RXuQev YGIzOWF+uPn5AHvXYV7ZH4DE0heOR1zMkdzUZ1ZzBeMrUlz/qk9+KsOIkPK3fapN WRoDpfF5+U9ac7YAQi+0nVpMIUC2aJb9tWXDymTky9/N2m548+ArjR6Bnqpe1DE7 QW6KfLMTNsWe1pzS3xuv+9Ec+1NkB8ddT66goYMOTSieHXXXDYz75M/hRmN0BiTL l5XSeV4M5IDxJGILPfzhGV+cs7pCasWsFHnzXhM93KbaH/Q1+xACTCGKso916bmR Lex5p9BoFflM5aqwyk4H6bQHOAsxtI8U/O2gv6zJQvj2Jn2mE8BFZ1/vR6jt6UnS Pp6B0RXzT21tnvMu77lwB/CWANqAbfSZlyl+zBc0MU/kZfzPuzLdUkMAew8/+WjK i6XBPLwmGOexOrGcFsULzPM0U+/nxq1DnEusTsykoYhplNGJItGkU5G0bg9AWfig IHmUgYG7N7g0k7QKrQSxcZfrYJ+gClLonUHJvJPMI4OxfN9rT3i+dzxBdO0S29iC 3zlG3R3cx77IJFhk1UbSnASjkUUe7yx8lDygKIUwRG3PsYpFvqxe+dOH/6VB7upy xtINCv3DaOs= =7bRu -----END PGP SIGNATURE-----