McAfee VirusScan Enterprise < 8.8 Patch 6 Buffer Overflow Protection (BOP) Security Bypass (SB10142)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has an antivirus application installed that is
affected by a buffer overflow protection (BOP) security bypass

Description :

The version of McAfee VirusScan Enterprise installed on the remote
Windows host is prior to 8.8 Patch 6. It is, therefore, affected by
a buffer overflow protection (BOP) security bypass vulnerability due
to insecure allocation of memory pages with Read, Write, and Execute
(RWX) permissions at a constant predictable address. A local attacker
can exploit this to gain access to the address space layout.

See also :

Solution :

Upgrade to McAfee VirusScan Enterprise version 8.8 Patch 6.
Alternatively, apply the workarounds referenced in the vendor

Risk factor :

Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 87500 ()

Bugtraq ID: 78810

CVE ID: CVE-2015-8577

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now