Researcher Uncovers McAfee Linux VirusScan Flaw

A security researcher has discovered a vulnerability in McAfee's VirusScan Command Line Scanner antivirus software that could enable remote attackers to execute malicious code.

The flaw affects VirusScan versions 4510e and older and is caused by a glitch in an embedded DT_RPATH tag, which instructs the software to search the working directory for shared library files in Linux.

An attacker could exploit the flaw by getting a user to run a scan on a rigged file in the directory where they saved it, which would allow the execution of malicious code on the system with user privileges, according to Jakub Moc, a security researcher with Gentoo Linux, who was credited with discovering the vulnerability.

"This is very easy to exploit, and if VirusScan is used in a mail scanner on a mail server, just sending someone an e-mail with an attachment with the right name would execute it," Moc said.

Gentoo Linux rated the severity of the threat as "high," or 3 on a 3-point scale, and Symantec Deepsight gave it an aggregate threat score of 7.8 out of 10. However, the French Security Incident Research Team rated the flaw as "moderate," or 2 on a 4-point scale.
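The class of flaw described above, a DT_RPATH entry that makes the loader search the working directory, can be checked for on any installed binary. The following is an added example, not code from McAfee, Gentoo or the original article: it scans `readelf -d` output for RPATH/RUNPATH entries that resolve to the current directory or to a world-writable location. The function names, the `WORLD_WRITABLE` list and the sample output are assumptions constructed for illustration.

```python
import re

# Matches the RPATH/RUNPATH lines printed by `readelf -d <binary>`.
_TAG_RE = re.compile(r"\((RPATH|RUNPATH)\)\s+Library (?:rpath|runpath): \[(.*)\]")

# Directories any local user can usually write to (assumed list, extend as needed).
WORLD_WRITABLE = ("/tmp", "/var/tmp", "/dev/shm")


def risky_entries(search_path):
    """Return (entry, reason) pairs for unsafe parts of a colon-separated path."""
    findings = []
    for entry in search_path.split(":"):
        if entry == "":
            # The loader treats an empty component as the current directory.
            findings.append((entry, "empty entry resolves to the working directory"))
        elif entry.startswith(("$ORIGIN", "${ORIGIN}")):
            continue  # relative to the binary's own location, not to the cwd
        elif not entry.startswith("/"):
            findings.append((entry, "relative entry resolves against the working directory"))
        elif entry.rstrip("/") in WORLD_WRITABLE or entry.startswith(
            tuple(d + "/" for d in WORLD_WRITABLE)
        ):
            findings.append((entry, "world-writable directory"))
    return findings


def audit_readelf_output(text):
    """Scan `readelf -d` output; return (tag, entry, reason) per risky entry."""
    results = []
    for tag, path in _TAG_RE.findall(text):
        results.extend((tag, e, reason) for e, reason in risky_entries(path))
    return results


# Constructed sample output; not taken from the VirusScan binary.
SAMPLE = """\
Dynamic section at offset 0x2e8 contains 24 entries:
  Tag        Type                         Name/Value
 0x00000001 (NEEDED)                     Shared library: [libc.so.6]
 0x0000000f (RPATH)                      Library rpath: [.:/opt/example/lib::$ORIGIN/lib]
"""

if __name__ == "__main__":
    for tag, entry, reason in audit_readelf_output(SAMPLE):
        print(f"{tag}: {entry!r}: {reason}")
```

Any finding on a binary that processes untrusted files, such as a scanner invoked by a mail server, is worth fixing by rebuilding or rewriting the tag so that only absolute, root-owned directories remain.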
