-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2019.0062
              Multiple vulnerabilities affecting McAfee Agent
                             28 February 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              McAfee Agent
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Denial of Service        -- Remote/Unauthenticated
                      Access Confidential Data -- Existing Account      
Resolution:           None
CVE Names:            CVE-2019-3599 CVE-2019-3598 
Member content until: Saturday, March 30 2019

OVERVIEW

        Multiple vulnerabilities affecting McAfee Agent has been resolved for 
        version 5.6.0, 5.5.x, and 5.0.x. [1][2]


IMPACT

        McAfee has provided the following information on the 
        vulnerabilities.
        
        "CVE-2019-3599 Information Disclosure vulnerability in remote 
        logging (which is disabled by default) in McAfee Agent (MA) 5.x 
        allows remote unauthenticated users to access "[1]
        
        "CVE-2019-3598 Buffer Access with Incorrect Length Value in McAfee 
        Agent (MA) 5.x allows remote unauthenticated users to potentially 
        cause a partial denial-of-service via specifically crafted UDP 
        packets. "[2]


MITIGATION

        McAfee advises updating to McAfee Agent 5.6.0 to address these 
        vulnerabilities. [1][2]
        
        "Update to McAfee Agent (MA) 5.6.0 Hotfix 1264214 (HF1264214) 
        "


REFERENCES

        [1] McAfee Security Bulletin - McAfee Agent update fixes an Information
            Disclosure vulnerability (CVE-2019-3599) (SB10271)
            https://kc.mcafee.com/corporate/index?page=content&id=SB10271

        [2] McAfee Security Bulletin - McAfee Agent update fixes a
            vulnerability in handling UDP requests (CVE-2019-3598) (SB10272)
            https://kc.mcafee.com/corporate/index?page=content&id=SB10272

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXHc1iGaOgq3Tt24GAQg9dw/8COuhf3fGAr2rA3kSnW68OAnr8+usIGjt
AwnxXaNJUxIeLsExjXf6S8dYxp9I505eovAvvgQG7530yaXCQ8YAwvVe82RXuQev
YGIzOWF+uPn5AHvXYV7ZH4DE0heOR1zMkdzUZ1ZzBeMrUlz/qk9+KsOIkPK3fapN
WRoDpfF5+U9ac7YAQi+0nVpMIUC2aJb9tWXDymTky9/N2m548+ArjR6Bnqpe1DE7
QW6KfLMTNsWe1pzS3xuv+9Ec+1NkB8ddT66goYMOTSieHXXXDYz75M/hRmN0BiTL
l5XSeV4M5IDxJGILPfzhGV+cs7pCasWsFHnzXhM93KbaH/Q1+xACTCGKso916bmR
Lex5p9BoFflM5aqwyk4H6bQHOAsxtI8U/O2gv6zJQvj2Jn2mE8BFZ1/vR6jt6UnS
Pp6B0RXzT21tnvMu77lwB/CWANqAbfSZlyl+zBc0MU/kZfzPuzLdUkMAew8/+WjK
i6XBPLwmGOexOrGcFsULzPM0U+/nxq1DnEusTsykoYhplNGJItGkU5G0bg9AWfig
IHmUgYG7N7g0k7QKrQSxcZfrYJ+gClLonUHJvJPMI4OxfN9rT3i+dzxBdO0S29iC
3zlG3R3cx77IJFhk1UbSnASjkUUe7yx8lDygKIUwRG3PsYpFvqxe+dOH/6VB7upy
xtINCv3DaOs=
=7bRu
-----END PGP SIGNATURE-----