McAfee VirusScan Enterprise 8.8 < 8.8 Patch 1 DoS

high Nessus Plugin ID 72349

Synopsis

The remote Windows host has an antivirus application that is affected by a denial of service vulnerability.

Description

The remote Windows host has a version of McAfee VirusScan Enterprise (VSE) 8.8 prior to 8.8 Patch 1. It is, therefore, affected by a denial of service vulnerability due to a flaw in Self Protection. Malicious software can change the NTFS folder permissions on VSE folders and disable the software.

Solution

Upgrade to VSE 8.8 Patch 1 or later.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=KB72032

Plugin Details

Severity: High

ID: 72349

File Name: mcafee_vse_kb72032.nasl

Version: Revision: 1.1

Type: local

Agent: windows

Family: Windows

Published: 2/5/2014

Updated: 2/6/2014

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:mcafee:virusscan_enterprise

Required KB Items: Antivirus/McAfee/installed

Patch Publication Date: 10/26/2011

Vulnerability Publication Date: 6/1/2011