Careers & Certifications

05:50 PM
Connect Directly
RSS
E-Mail
50%
50%

Researcher Uncovers McAfee Linux VirusScan Flaw

A security researcher has discovered a vulnerability in McAfee's VirusScan Command Line Scanner antivirus software that could enable remote attackers to execute malicious code.

A security researcher has discovered a vulnerability in McAfee's VirusScan Command Line Scanner antivirus software that could enable remote attackers to execute malicious code.

The flaw affects VirusScan versions 4510e and older and is caused by a glitch in an embedded DT_RPATH tag, which instructs the software to search the working directory for shared library files in Linux.

An attacker could exploit the flaw by getting a user to run a scan on a rigged file in the directory where they saved it, which would allow the execution of malicious code on the system with user privileges, according to Jakub Moc, a security researcher with Gentoo Linux, who was credited with discovering the vulnerability.

"This is very easy to exploit, and if VirusScan is used in a mail scanner on a mail server, just sending someone an e-mail with an attachment with the right name would execute it," Moc said.

Gentoo Linux rated the severity of the threat as "high," or 3 on a 3-point scale, and Symantec Deepsight gave it an aggregate threat score of 7.8 out of 10. However, the French Security Incident Research Team rated the flaw as "moderate," or 2 on a 4-point scale.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed