Forum Thread: McAfee VirusScan Enterprise Privilege Escalation Vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
McAfee VirusScan Enterprise Privilege Escalation Vulnerability

Secunia McAfee VirusScan Enterprise Privilege Escalation Vulnerability
Secunia Official 6th Mar, 2013 14:17
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
A vulnerability has been reported in McAfee VirusScan Enterprise, which can be exploited by malicious, local users to potentially gain escalated privileges.

The vulnerability is caused due to an unspecified error when enforcing security permissions and can be exploited to gain escalated privileges.

Note: Successful exploitation requires Access Protection, including Self Protection, to be turned off (enabled by default).

The vulnerability is reported in version 8.8 Patch 2.

CH-Systems RE: McAfee VirusScan Enterprise Privilege Escalation Vulnerability
Member 6th Mar, 2013 14:17
Score: 0
Posts: 1
User Since: 6th Mar 2013
System Score: N/A
Location: DE
Last edited on 6th Mar, 2013 14:17
After installing Hotfix 778101 on a Win7 environment with latest McAfee v8.8 Patch2, Secunia PSI still thinks the threat is unpatched because there is no change in the version number (still v8.8.0.975).

McAfee v8.8 Patch3 which probably has a newer version number is available for Windows 8 only.
Was this reply relevant?
+0
-0
This user no longer exists RE: McAfee VirusScan Enterprise Privilege Escalation Vulnerability
Secunia Official 7th Mar, 2013 15:16
Please see my reply in this thread.
http://secunia.com/community/forum/thread/show/139...