Release date:
Updated on:
Affected Systems:
McAfee VirusScan Enterprise 8.8 Patch 2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 58163
McAfee VirusScan is a popular real-time virus protection application.
McAfee VirusScan Enterprise 8.8 Patch 2 after the Administrator enables access protection, a VSE component allows permission escalation. authenticated users can exploit this vulnerability to escalate permissions. This vulnerability affects access protection and self-protection VSE 8.8 Patch 2.
<* Source: vendor
Link: http://secunia.com/advisories/52386/
Https://kc.mcafee.com/corporate/index? Page = content & id = SB10038
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
McAfee
------
McAfee has released a Security Bulletin (SB10038) for this purpose and corresponding patches:
SB10038: McAfee Security Bulletin-Virus Scan Enterprise update fixes a potential privilege escalation vulnerability when access protection is turned off
Link: https://kc.mcafee.com/corporate/index? Page = content & id = SB10038
Patch download: http://www.mcafee.com/us/downloads