Serious McAfee buffer overflow flaws join yet another Trend UPX issue.
Several vulnerabilities have been found in
McAfee
‘s
ePolicy Orchestrator
management tool, which could be exploited to gain remote access to systems running the software. Patches have been made available and users are advised to ensure they are applied as soon as possible. Several versions of
EPO 3
, as well as
ProtectionPilot
, are thought to be affected.
A researcher at
Fortinet
‘s security research team discovered the buffer overflow flaws in an ActiveX control used by the software, and reported them to
McAfee
in mid and late December 2006. The issues have been made public following the release of fixes, which can be found
here
. A detailed report, sent to
Full-disclosure
by the researcher who found the flaws, is
here
, and an alert from
Secunia
is
here
.
Trend Micro
, already hit by a
string
of
vulnerabilities
in recent weeks, has suffered another problem in its anti-virus engine, which could cause a full system crash on exposure to a carefully crafted malicious file. The problem, caused by a divide-by-zero error in processing UPX compressed files, affects version 8 of the
Trend
engine, and while some systems may only lose service from the malware scanner,
Windows
users could suffer a ‘Blue Screen of Death’ (BSOD) crash of the whole operating system.
The flaw was reported via
iDefense
two weeks ago, and an update to pattern files was issued by
Trend
on Tuesday to rectify the error. The
iDefense
notification is
here
, and details from
Trend
are
here
.
Posted on 15 March 2007 by
Virus Bulletin
Leave a Reply