Network Security, Vulnerability Management

McAfee VirusScan for Linux vulnerability gives root access

An independent cybersecurity researcher found a vulnerability in Intel's McAfee VirusScan Enterprise for Linux that can allow a remote code execution as root.

Andrew Fasano blogged that versions 1.9.2 through 2.0.2 of the cybersecurity software are affected. He noted the software was ripe for the picking as it runs as root, is not widely used and had not been updated for quite some time.

Fasano's investigation found 10 specific vulnerabilities that when operated together allow an attacker to execute code as root.

  1. CVE-2016-8016: Remote Unauthenticated File Existence Test
  2. CVE-2016-8017: Remote Unauthenticated File Read (with Constraints)
  3. CVE-2016-8018: No Cross-Site Request Forgery Tokens
  4. CVE-2016-8019: Cross Site Scripting
  5. CVE-2016-8020: Authenticated Remote Code Execution & Privilege Escalation
  6. CVE-2016-8021: Web Interface Allows Arbitrary File Write to Known Location
  7. CVE-2016-8022: Remote Use of Authentication Tokens
  8. CVE-2016-8023: Brute Force Authentication Tokens
  9. CVE-2016-8024: HTTP Response Splitting
  10. CVE-2016-8025: Authenticated SQL Injection

After being notified by Fasano, McaFee issued an update fixing the issues on Dec. 9, the Inquirer reported.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Address Resolution Protocol (ARP)BandwidthBroadcast AddressCache PoisoningCellCircuit Switched NetworkCollisionCrossover CableDemilitarized Zone (DMZ)Domain Name System (DNS)

You can skip this ad in 5 seconds