SB2018061501 - Multiple vulnerabilities in McAfee Web Gateway

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018061501

SB2018061501 - Multiple vulnerabilities in McAfee Web Gateway

Published: June 15, 2018 Updated: June 15, 2018

Security Bulletin ID SB2018061501
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Authentication bypass (CVE-ID: CVE-2018-6667)

The vulnerability allows a remote attacker to bypass authentication and execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote unauthenticated attacker can send specially crafted data to the Java management extensions (JMX) service on the administrative user interface via TCP port 1099, bypass authentication and execute arbitrary code.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Integer overflow (CVE-ID: CVE-2018-1124)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to integer overflow in libprocps's file2strvec() function. A local attacker can execute a vulnerable utility (pgrep, pidof, pkill, and w are vulnerable by default; other utilities are vulnerable if executed with non-default options) and gain elevated privileges.

3) Buffer overflow (CVE-ID: CVE-2017-12942)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing archives in in the Unpack::LongLZ function in libunrar.a in UnRAR before 5.5.7. A remote unauthenticated attacker can create a specially crafted archive, trick the victim into opening it an execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Out-of-bounds read (CVE-ID: CVE-2017-12941)

The vulnerability allows a remote attacker to crash the affected application.

The vulnerability exists due to out-of-bounds read in libunrar.a in UnRAR before 5.5.7 in the Unpack::Unpack20 function. A remote attacker can create a specially crafted archive and crash the affected application.


5) Out-of-bounds read (CVE-ID: CVE-2017-12940)

The vulnerability allows a remote attacker to crash the affected application.

The vulnerability exists due to out-pf-bounds read in libunrar.a in UnRAR before 5.5.7 in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. A remote attacker can create a specially crafted archive and crash the affected application.


Remediation

Install update from vendor's website.

References