***** NSEC Information Service – McAfee *****
Date: 2013-05-07
Description:
McAfee has discovered a vulnerability in the McAfee Agent (MA) extension. Affected versions are:
MA 4.5.0-4.5.6
MA 4.6.0-4.6.3
Solution:
Check in MA extension 4.8 in ePO. MA extension 4.8 is backwards-compatible with 4.5 and 4.6.
Full description from McAfee:
McAfee has discovered and resolved a vulnerability in the following versions of the ePolicy Orchestrator (ePO) Extension for McAfee Agent (MA):
Affected Product Extension Versions
• MA 4.5.0 (RTW) to MA 4.5.0 Patch 3 Extension
• MA 4.6.0 (RTW) to MA 4.6.0 Patch 3 Extension
NOTE: The MA 4.8.0 Extension and later are not affected.
Impact
CVE-2013-0140 – VESVM-2013-001 (CVSS: 6.2 Severity: High) is a server-side pre-authenticated SQL Injection vulnerability within the Agent-Handler component (Agent-Server communication channel). A successful exploit can allow remote code execution (RCE).
Remediation
McAfee recommends that all customers verify that they have applied the latest updates. Affected users should install the relevant patches or hotfixes.
Patch the currently supported versions of the ePO Extension for MA before version 4.8.
NOTE: The 4.8 Extension is backwards-compatible with MA 4.5 and 4.6. There is no 4.7 version. A separate 4.6 hotfix is being developed for customers who are unable to upgrade to the MA 4.8 Extension.
For full remediation instructions, see SB10043:
https://kc.mcafee.com/corporate/index?page=content&id=SB10043
NIS
NSEC Network Security