McAfee VirusScan Enterprise 8.8 < 8.8 Patch 1 DoS

High Nessus Plugin ID 72349

Synopsis

The remote Windows host has an antivirus application that is affected by a denial of service vulnerability.

Description

The remote Windows host has a version of McAfee VirusScan Enterprise (VSE) 8.8 prior to 8.8 Patch 1. It is, therefore, affected by a denial of service vulnerability due to a flaw in Self Protection. Malicious software can change the NTFS folder permissions on VSE folders and disable the software.

Solution

Upgrade to VSE 8.8 Patch 1 or later.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=KB72032

Plugin Details

Severity: High

ID: 72349

File Name: mcafee_vse_kb72032.nasl

Version: Revision: 1.1

Type: local

Agent: windows

Family: Windows

Published: 2014/02/05

Updated: 2014/02/06

Dependencies: 12107, 13855

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:mcafee:virusscan_enterprise

Required KB Items: Antivirus/McAfee/installed

Patch Publication Date: 2011/10/26

Vulnerability Publication Date: 2011/06/01