SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   McAfee VirusScan Vendors:   McAfee
McAfee VirusScan Buffer Overflow Protection Lets Local Users Deny Service
SecurityTracker Alert ID:  1016450
SecurityTracker URL:  http://securitytracker.com/id/1016450
CVE Reference:   CVE-2006-3575   (Links to External Site)
Updated:  Jul 18 2008
Original Entry Date:  Jul 7 2006
Impact:   Denial of service via local system
Exploit Included:  Yes  
Version(s): 8.0.0
Description:   A vulnerability was reported in McAfee VirusScan. A local user can cause denial of service conditions.

A local user can create a buffer overflow exclusion in the 'Buffer Overflow Protection Properties' and supply specially crafted values for the process name, module name, and API name fields. This will cause denial of service conditions on the target application until the exclusion is removed or the 'Buffer Overflow Protection' is disabled.

johndoe1529 at yahoo.com reported this vulnerability.

Impact:   A local user can cause denial of service conditions on the target system.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.mcafee.com/ (Links to External Site)
Cause:   Exception handling error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  McAfee VirusScan Enterprise 8.0.0 Buffer Overflow

A local Buffer Overflow was discovered in McAfee VirusScan Enterprise 8.0.0.
The overflow can be triggered within the "Buffer OverFlow Protection Properties" by creating a buffer overflow exclusion. Then fill
 each field
with data, and click ok, and apply
Process name: AAAAAAAAAAAAAAAAA......etc
Module name: AAAAAAAAAAAAAAAAAA......etc
API name: AAAAAAAAAAAAAAAAAAAAA......etc

This will trigger various exceptions based on amount of data added to each field.

This will DoS the AV . McAfee AV will not run correctly again until Buffer Overflow Protection is disabled or the Buffer Overflow
 Exclusion is removed.

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC