McAfee Web Gateway 7.6.x < / 7.7.x < Multiple Vulnerabilities (SB10205)

High Nessus Plugin ID 102496


The remote host running McAfee Web Gateway is affected by multiple code execution vulnerabilities.


The remote host is running a version of McAfee Web Gateway (MWG) that is affected by multiple security vulnerabilities :

- A memory corruption flaw exists in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products that allows remote attackers to execute arbitrary code.

- A memory corruption flaw exists in Linux Kernel versions 4.11.5 and earlier that allows remote attacks to execute arbitrary code with elevated privileges.(CVE-2017-1000364)

- A memory corruption flaw exists in the handling of LD_LIBRARY_PATH that allows a remote attacker to manipulate the heap/stack that may lead to arbitrary code execution. This issue only affects GNU glibc 2.25 and prior. (CVE-2017-1000366)

- An input validation flaw exists in Todd Miller's sudo version 1.8.20p1 and earlier that results in information disclosure and arbitrary command execution. (CVE-2017-1000368)


Upgrade to McAfee Web Gateway / or later.

See Also

Plugin Details

Severity: High

ID: 102496

File Name: mcafee_web_gateway_sb10205.nasl

Version: $Revision: 1.4 $

Type: combined

Family: Misc.

Published: 2017/08/15

Modified: 2017/10/09

Dependencies: 73136

Risk Information

Risk Factor: High


Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C


Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:mcafee:web_gateway

Required KB Items: Host/McAfee Web Gateway/Version, Host/McAfee Web Gateway/Display Version

Patch Publication Date: 2017/07/17

Vulnerability Publication Date: 2017/07/25

Reference Information

CVE: CVE-2012-6706, CVE-2017-1000364, CVE-2017-1000366, CVE-2017-1000368


IAVA: 2017-A-0165