cnvd-2016-02190
Vulnerability from cnvd

Title: 多款McAfee产品安全绕过漏洞

Description:

McAfee Active Response(MAR)等都是美国迈克菲(McAfee)公司的产品。MAR是一套终端威胁检测与响应解决方案。McAfee Agent(MA)是一套提供了ePolicy Orchestrator(杀毒软件管理平台)与被管理产品之间的安全通信的客户端组件。McAfee Data Loss Prevention Endpoint(DLPe)是一套集成式终端数据保护解决方案。该方案能够防止机密数据被盗和意外泄露,并提供针对文件处理和传输的安全策略、共享终端数据流控制和数据加密等功能。

多款McAfee产品中存在安全漏洞。本地攻击者可利用该漏洞绕过self-protection规则,修改注册表键和文件。

Severity:

Patch Name: 多款McAfee产品安全绕过漏洞的补丁

Patch Description:

McAfee Active Response(MAR)等都是美国迈克菲(McAfee)公司的产品。MAR是一套终端威胁检测与响应解决方案。McAfee Agent(MA)是一套提供了ePolicy Orchestrator(杀毒软件管理平台)与被管理产品之间的安全通信的客户端组件。McAfee Data Loss Prevention Endpoint(DLPe)是一套集成式终端数据保护解决方案。该方案能够防止机密数据被盗和意外泄露,并提供针对文件处理和传输的安全策略、共享终端数据流控制和数据加密等功能。

多款McAfee产品中存在安全漏洞。本地攻击者可利用该漏洞绕过self-protection规则,修改注册表键和文件。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://kc.mcafee.com/corporate/index?page=content&id=SB10151

Reference: https://kc.mcafee.com/corporate/index?page=content&id=SB10151

Impacted products
Name
['Mcafee VirusScan Enterprise 8.8 (VSE)', 'Mcafee McAfee Agent 5.x (MA)', 'Mcafee Data Exchange Layer (DXL)', 'Mcafee Host Intrusion Prevention Service 8.0', 'McAfee Data Loss Prevention Endpoint', 'Mcafee McAfee Device Control', 'McAfee Endpoint Security (ENS) 10.0', 'McAfee McAfee Active Response']
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-3984"
    }
  },
  "description": "McAfee Active Response\uff08MAR\uff09\u7b49\u90fd\u662f\u7f8e\u56fd\u8fc8\u514b\u83f2\uff08McAfee\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002MAR\u662f\u4e00\u5957\u7ec8\u7aef\u5a01\u80c1\u68c0\u6d4b\u4e0e\u54cd\u5e94\u89e3\u51b3\u65b9\u6848\u3002McAfee Agent\uff08MA\uff09\u662f\u4e00\u5957\u63d0\u4f9b\u4e86ePolicy Orchestrator\uff08\u6740\u6bd2\u8f6f\u4ef6\u7ba1\u7406\u5e73\u53f0\uff09\u4e0e\u88ab\u7ba1\u7406\u4ea7\u54c1\u4e4b\u95f4\u7684\u5b89\u5168\u901a\u4fe1\u7684\u5ba2\u6237\u7aef\u7ec4\u4ef6\u3002McAfee Data Loss Prevention Endpoint\uff08DLPe\uff09\u662f\u4e00\u5957\u96c6\u6210\u5f0f\u7ec8\u7aef\u6570\u636e\u4fdd\u62a4\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u80fd\u591f\u9632\u6b62\u673a\u5bc6\u6570\u636e\u88ab\u76d7\u548c\u610f\u5916\u6cc4\u9732\uff0c\u5e76\u63d0\u4f9b\u9488\u5bf9\u6587\u4ef6\u5904\u7406\u548c\u4f20\u8f93\u7684\u5b89\u5168\u7b56\u7565\u3001\u5171\u4eab\u7ec8\u7aef\u6570\u636e\u6d41\u63a7\u5236\u548c\u6570\u636e\u52a0\u5bc6\u7b49\u529f\u80fd\u3002\r\n\r\n\u591a\u6b3eMcAfee\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7self-protection\u89c4\u5219\uff0c\u4fee\u6539\u6ce8\u518c\u8868\u952e\u548c\u6587\u4ef6\u3002",
  "discovererName": "McAfee",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-02190",
  "openTime": "2016-04-13",
  "patchDescription": "McAfee Active Response\uff08MAR\uff09\u7b49\u90fd\u662f\u7f8e\u56fd\u8fc8\u514b\u83f2\uff08McAfee\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002MAR\u662f\u4e00\u5957\u7ec8\u7aef\u5a01\u80c1\u68c0\u6d4b\u4e0e\u54cd\u5e94\u89e3\u51b3\u65b9\u6848\u3002McAfee Agent\uff08MA\uff09\u662f\u4e00\u5957\u63d0\u4f9b\u4e86ePolicy Orchestrator\uff08\u6740\u6bd2\u8f6f\u4ef6\u7ba1\u7406\u5e73\u53f0\uff09\u4e0e\u88ab\u7ba1\u7406\u4ea7\u54c1\u4e4b\u95f4\u7684\u5b89\u5168\u901a\u4fe1\u7684\u5ba2\u6237\u7aef\u7ec4\u4ef6\u3002McAfee Data Loss Prevention Endpoint\uff08DLPe\uff09\u662f\u4e00\u5957\u96c6\u6210\u5f0f\u7ec8\u7aef\u6570\u636e\u4fdd\u62a4\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u80fd\u591f\u9632\u6b62\u673a\u5bc6\u6570\u636e\u88ab\u76d7\u548c\u610f\u5916\u6cc4\u9732\uff0c\u5e76\u63d0\u4f9b\u9488\u5bf9\u6587\u4ef6\u5904\u7406\u548c\u4f20\u8f93\u7684\u5b89\u5168\u7b56\u7565\u3001\u5171\u4eab\u7ec8\u7aef\u6570\u636e\u6d41\u63a7\u5236\u548c\u6570\u636e\u52a0\u5bc6\u7b49\u529f\u80fd\u3002\r\n\r\n\u591a\u6b3eMcAfee\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7self-protection\u89c4\u5219\uff0c\u4fee\u6539\u6ce8\u518c\u8868\u952e\u548c\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eMcAfee\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mcafee VirusScan Enterprise 8.8 (VSE)",
      "Mcafee McAfee Agent 5.x (MA)",
      "Mcafee  Data Exchange Layer (DXL)",
      "Mcafee Host Intrusion Prevention Service 8.0",
      "McAfee Data Loss Prevention Endpoint",
      "Mcafee McAfee Device Control",
      "McAfee Endpoint Security (ENS) 10.0",
      "McAfee McAfee Active Response"
    ]
  },
  "referenceLink": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151",
  "serverity": "\u4f4e",
  "submitTime": "2016-04-12",
  "title": "\u591a\u6b3eMcAfee\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.