McAfee Web Gateway 7.6.x < 7.6.2.15 / 7.7.x < 7.7.2.3 Multiple Vulnerabilities (SB10205)

critical Nessus Plugin ID 102496

Synopsis

The remote host running McAfee Web Gateway is affected by multiple code execution vulnerabilities.

Description

The remote host is running a version of McAfee Web Gateway (MWG) that is affected by multiple security vulnerabilities :

- A memory corruption flaw exists in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products that allows remote attackers to execute arbitrary code.
(CVE-2012-6706)

- A memory corruption flaw exists in Linux Kernel versions 4.11.5 and earlier that allows remote attacks to execute arbitrary code with elevated privileges.(CVE-2017-1000364)

- A memory corruption flaw exists in the handling of LD_LIBRARY_PATH that allows a remote attacker to manipulate the heap/stack that may lead to arbitrary code execution. This issue only affects GNU glibc 2.25 and prior. (CVE-2017-1000366)

- An input validation flaw exists in Todd Miller's sudo version 1.8.20p1 and earlier that results in information disclosure and arbitrary command execution. (CVE-2017-1000368)

Solution

Upgrade to McAfee Web Gateway 7.6.2.15 / 7.7.2.3 or later.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=SB10205

Plugin Details

Severity: Critical

ID: 102496

File Name: mcafee_web_gateway_sb10205.nasl

Version: 1.9

Type: combined

Family: Misc.

Published: 8/15/2017

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2012-6706

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mcafee:web_gateway

Required KB Items: Host/McAfee Web Gateway/Version, Host/McAfee Web Gateway/Display Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/17/2017

Vulnerability Publication Date: 7/25/2017

Exploitable With

Metasploit (Solaris RSH Stack Clash Privilege Escalation)

Reference Information

CVE: CVE-2012-6706, CVE-2017-1000364, CVE-2017-1000366, CVE-2017-1000368

MCAFEE-SB: SB10205