CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8023 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8023
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. Vulnerabilidad de elusión de autenticación por datos supuestos inmutables en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados eludir autenticación del servidor través de una cookie de autenticación manipulada. McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/40911 http://www.securityfocus.com/bid/94823 http://www.securitytracker.com/id/1037433 https://kc.mcafee.com/corporate/index?page=content&id=SB10181 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2016-8021 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8021
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. Vulnerabilidad de verificación inapropiada de firma criptográfica en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios remotos autenticados suplantar el servidor de actualización y ejecutar código arbitrario a través de un archivo de entrada manipulado. McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/40911 http://www.securityfocus.com/bid/94823 http://www.securitytracker.com/id/1037433 https://kc.mcafee.com/corporate/index?page=content&id=SB10181 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8016 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8016
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. Exposición de información en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados obtener la existencia de archivos no autorizados en el sistema a través de un parámetro de URL. McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/40911 https://github.com/opsxcq/exploit-CVE-2016-8016-25 http://www.securityfocus.com/bid/94823 http://www.securitytracker.com/id/1037433 https://kc.mcafee.com/corporate/index?page=content&id=SB10181 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.0EPSS: 0%CPEs: 2EXPL: 4CVE-2016-4534 – McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2016-4534
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles. La McAfee VirusScan Console (mcconsol.exe) en McAfee VirusScan Enterprise 8.8.0 en versiones anteriores a Hotfix 1123565 (8.8.0.1546) sobre Windows permite a administradores locales eludir reglas destinadas a la autoprotección y desbloquear la ventana de consola cerrando handles de registro. • https://www.exploit-db.com/exploits/39531 http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html http://seclists.org/fulldisclosure/2016/Mar/13 http://www.securitytracker.com/id/1035754 https://kc.mcafee.com/corporate/index?page=content&id=SB10158 https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf https://lab.mediaservice.net/advisory/2016-01-mcafee.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.1EPSS: 0%CPEs: 8EXPL: 2CVE-2016-3984 – McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2016-3984
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. El McAfee VirusScan Console (mcconsol.exe) en McAfee Active Response (MAR) en versiones anteriores a 1.1.0.161, Agent (MA) 5.x en versiones anteriores a 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) en versiones anteriores a 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Device Control (MDC) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Endpoint Security (ENS) 10.x en versiones anteriores a 10.1, Host Intrusion Prevention Service (IPS) 8.0 en versiones anteriores a 8.0.0.3624 y VirusScan Enterprise (VSE) 8.8 en versiones anteriores a P7 (8.8.0.1528) en Windows permite a administradores locales eludir las reglas destinadas a la autoprotección y desactivar el motor del antivirus modificando claves de registro. • https://www.exploit-db.com/exploits/39531 http://lab.mediaservice.net/advisory/2016-01-mcafee.txt http://seclists.org/fulldisclosure/2016/Mar/13 http://www.securitytracker.com/id/1035130 https://kc.mcafee.com/corporate/index?page=content&id=SB10151 • CWE-284: Improper Access Control •