| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <B58AFCEEAB15416AB6B8AEDFCDB2297E@W340> Date: Mon, 14 Dec 2015 22:19:03 +0100 From: "Stefan Kanthak" <stefan.kanthak@...go.de> To: <fulldisclosure@...lists.org> Cc: <bugtraq@...urityfocus.com> Subject: Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) Hi @ll, several McAfee "security" products, most notably their Security Scan Plus (see <http://seclists.org/fulldisclosure/2014/Apr/226> for a previous advisory) which Adobe pushes to unsuspecting users of Adobe Reader and Flash Player, are offered as executable installers built with the vulnerable Nullsoft Scriptable Install System (NSIS) (see <http://seclists.org/fulldisclosure/2015/Dec/32> for details). These executable installers are vulnerable and allow arbitrary (remote) code execution and escalation of privilege via the well- known attacks already published in the advisory regarding NSIS and the advisory <http://seclists.org/fulldisclosure/2015/Nov/101> titled Mitigations for "carpet bombing" alias "directory poisoning" attacks against executable installers For details specific to Intel's/McAfee's products and their vulnerabilities see Intel's Security Bulletin published today: <https://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS102462> stay tuned Stefan Kanthak
Powered by blists - more mailing lists