CNVD-2016-02190
Vulnerability from cnvd - Published: 2016-04-13
VLAI Severity ?
Title
多款McAfee产品安全绕过漏洞
Description
McAfee Active Response(MAR)等都是美国迈克菲(McAfee)公司的产品。MAR是一套终端威胁检测与响应解决方案。McAfee Agent(MA)是一套提供了ePolicy Orchestrator(杀毒软件管理平台)与被管理产品之间的安全通信的客户端组件。McAfee Data Loss Prevention Endpoint(DLPe)是一套集成式终端数据保护解决方案。该方案能够防止机密数据被盗和意外泄露,并提供针对文件处理和传输的安全策略、共享终端数据流控制和数据加密等功能。
多款McAfee产品中存在安全漏洞。本地攻击者可利用该漏洞绕过self-protection规则,修改注册表键和文件。
Severity
低
Patch Name
多款McAfee产品安全绕过漏洞的补丁
Patch Description
McAfee Active Response(MAR)等都是美国迈克菲(McAfee)公司的产品。MAR是一套终端威胁检测与响应解决方案。McAfee Agent(MA)是一套提供了ePolicy Orchestrator(杀毒软件管理平台)与被管理产品之间的安全通信的客户端组件。McAfee Data Loss Prevention Endpoint(DLPe)是一套集成式终端数据保护解决方案。该方案能够防止机密数据被盗和意外泄露,并提供针对文件处理和传输的安全策略、共享终端数据流控制和数据加密等功能。
多款McAfee产品中存在安全漏洞。本地攻击者可利用该漏洞绕过self-protection规则,修改注册表键和文件。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://kc.mcafee.com/corporate/index?page=content&id=SB10151
Reference
https://kc.mcafee.com/corporate/index?page=content&id=SB10151
Impacted products
| Name | ['Mcafee VirusScan Enterprise 8.8 (VSE)', 'Mcafee McAfee Agent 5.x (MA)', 'Mcafee Data Exchange Layer (DXL)', 'Mcafee Host Intrusion Prevention Service 8.0', 'McAfee Data Loss Prevention Endpoint', 'Mcafee McAfee Device Control', 'McAfee Endpoint Security (ENS) 10.0', 'McAfee McAfee Active Response'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-3984"
}
},
"description": "McAfee Active Response\uff08MAR\uff09\u7b49\u90fd\u662f\u7f8e\u56fd\u8fc8\u514b\u83f2\uff08McAfee\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002MAR\u662f\u4e00\u5957\u7ec8\u7aef\u5a01\u80c1\u68c0\u6d4b\u4e0e\u54cd\u5e94\u89e3\u51b3\u65b9\u6848\u3002McAfee Agent\uff08MA\uff09\u662f\u4e00\u5957\u63d0\u4f9b\u4e86ePolicy Orchestrator\uff08\u6740\u6bd2\u8f6f\u4ef6\u7ba1\u7406\u5e73\u53f0\uff09\u4e0e\u88ab\u7ba1\u7406\u4ea7\u54c1\u4e4b\u95f4\u7684\u5b89\u5168\u901a\u4fe1\u7684\u5ba2\u6237\u7aef\u7ec4\u4ef6\u3002McAfee Data Loss Prevention Endpoint\uff08DLPe\uff09\u662f\u4e00\u5957\u96c6\u6210\u5f0f\u7ec8\u7aef\u6570\u636e\u4fdd\u62a4\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u80fd\u591f\u9632\u6b62\u673a\u5bc6\u6570\u636e\u88ab\u76d7\u548c\u610f\u5916\u6cc4\u9732\uff0c\u5e76\u63d0\u4f9b\u9488\u5bf9\u6587\u4ef6\u5904\u7406\u548c\u4f20\u8f93\u7684\u5b89\u5168\u7b56\u7565\u3001\u5171\u4eab\u7ec8\u7aef\u6570\u636e\u6d41\u63a7\u5236\u548c\u6570\u636e\u52a0\u5bc6\u7b49\u529f\u80fd\u3002\r\n\r\n\u591a\u6b3eMcAfee\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7self-protection\u89c4\u5219\uff0c\u4fee\u6539\u6ce8\u518c\u8868\u952e\u548c\u6587\u4ef6\u3002",
"discovererName": "McAfee",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-02190",
"openTime": "2016-04-13",
"patchDescription": "McAfee Active Response\uff08MAR\uff09\u7b49\u90fd\u662f\u7f8e\u56fd\u8fc8\u514b\u83f2\uff08McAfee\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002MAR\u662f\u4e00\u5957\u7ec8\u7aef\u5a01\u80c1\u68c0\u6d4b\u4e0e\u54cd\u5e94\u89e3\u51b3\u65b9\u6848\u3002McAfee Agent\uff08MA\uff09\u662f\u4e00\u5957\u63d0\u4f9b\u4e86ePolicy Orchestrator\uff08\u6740\u6bd2\u8f6f\u4ef6\u7ba1\u7406\u5e73\u53f0\uff09\u4e0e\u88ab\u7ba1\u7406\u4ea7\u54c1\u4e4b\u95f4\u7684\u5b89\u5168\u901a\u4fe1\u7684\u5ba2\u6237\u7aef\u7ec4\u4ef6\u3002McAfee Data Loss Prevention Endpoint\uff08DLPe\uff09\u662f\u4e00\u5957\u96c6\u6210\u5f0f\u7ec8\u7aef\u6570\u636e\u4fdd\u62a4\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u80fd\u591f\u9632\u6b62\u673a\u5bc6\u6570\u636e\u88ab\u76d7\u548c\u610f\u5916\u6cc4\u9732\uff0c\u5e76\u63d0\u4f9b\u9488\u5bf9\u6587\u4ef6\u5904\u7406\u548c\u4f20\u8f93\u7684\u5b89\u5168\u7b56\u7565\u3001\u5171\u4eab\u7ec8\u7aef\u6570\u636e\u6d41\u63a7\u5236\u548c\u6570\u636e\u52a0\u5bc6\u7b49\u529f\u80fd\u3002\r\n\r\n\u591a\u6b3eMcAfee\u4ea7\u54c1\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7self-protection\u89c4\u5219\uff0c\u4fee\u6539\u6ce8\u518c\u8868\u952e\u548c\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "\u591a\u6b3eMcAfee\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Mcafee VirusScan Enterprise 8.8 (VSE)",
"Mcafee McAfee Agent 5.x (MA)",
"Mcafee Data Exchange Layer (DXL)",
"Mcafee Host Intrusion Prevention Service 8.0",
"McAfee Data Loss Prevention Endpoint",
"Mcafee McAfee Device Control",
"McAfee Endpoint Security (ENS) 10.0",
"McAfee McAfee Active Response"
]
},
"referenceLink": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151",
"serverity": "\u4f4e",
"submitTime": "2016-04-12",
"title": "\u591a\u6b3eMcAfee\u4ea7\u54c1\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…