McAfee Firewall Enterprise IGMP Packet Integer Overflow DoS (SB10107)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

The remote host has a version of McAfee Firewall Enterprise installed
that is affected by an integer overflow condition. An unauthenticated,
remote attacker, by sending a specially crafted IGMP packet, can cause
the application to crash due to allocation of insufficient memory. An
incomplete fix was offered in 8.3.2 ePatch 41, 8.3.1 ePatch 70 and
8.2.1 ePatch 135 but newer patches have been released to fully address
the issue.

See also :

https://kc.mcafee.com/corporate/index?page=content&id=SB10107

Solution :

Apply the appropriate patch referenced in the vendor security
advisory.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 83735 ()

Bugtraq ID: 72777

CVE ID: CVE-2015-1414

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now