McAfee Firewall Enterprise IGMP Packet Integer Overflow DoS (SB10107)
High Nessus Plugin ID 83735
SynopsisThe remote host is affected by a denial of service vulnerability.
DescriptionThe remote host has a version of McAfee Firewall Enterprise installed that is affected by an integer overflow condition. An unauthenticated, remote attacker, by sending a specially crafted IGMP packet, can cause the application to crash due to allocation of insufficient memory. An incomplete fix was offered in 8.3.2 ePatch 41, 8.3.1 ePatch 70 and 8.2.1 ePatch 135 but newer patches have been released to fully address the issue.
SolutionApply the appropriate patch referenced in the vendor security advisory.