Yet more vulnerabilities in major security products
Serious McAfee buffer overflow flaws join yet another Trend UPX issue.
Several vulnerabilities have been found in McAfee's ePolicy Orchestrator management tool, which
could be exploited to gain remote access to systems running the software. Patches have been made available
and users are advised to ensure they are applied as soon as possible. Several versions of EPO 3, as well as
ProtectionPilot, are thought to be affected.
A researcher at Fortinet's security research team discovered the buffer overflow flaws in an
ActiveX control used by the software, and reported them to McAfee in mid and late December 2006. The
issues have been made public following the release of fixes, which can be found
here. A detailed report, sent
to Full-disclosure by the researcher who found the flaws, is
here, and an alert
from Secunia is here.
Trend Micro, already hit by a string of
vulnerabilities in recent weeks, has suffered another problem
in its anti-virus engine, which could cause a full system crash on exposure to a carefully crafted malicious
file. The problem, caused by a divide-by-zero error in processing UPX compressed files, affects version 8 of
the Trend engine, and while some systems may only lose service from the malware scanner,
Windows users could suffer a 'Blue Screen of Death' (BSOD) crash of the whole operating system.
The flaw was reported via iDefense two weeks ago, and an update to pattern files was issued by
Trend on Tuesday to rectify the error. The iDefense notification is
here, and details
from Trend are
here.
15 March 2007
Tags:
virus
del.icio.us 
digg this
