CVE-2006-5417
https://notcve.org/view.php?id=CVE-2006-5417
McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information. McAfee Network Agent (mcnasvc.exe) 1.0.178.0, según lo utilizado por múltiples productos McAfee posiblemente incluyendo Internet Security Suite, Personal Firewall Plus, y VirusScan, permiten a un atacante remoto provocar denegación de servicio (caida del agente) a través de un gran paquete, posiblemente a causa de un valor de posición de cadena inválido. NOTA: algunos de los detalles de esta información se obtuvieron de terceros. • http://secunia.com/advisories/22371 http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html http://securityreason.com/securityalert/1750 http://securitytracker.com/id?1017057 http://www.securityfocus.com/archive/1/448546/100/0/threaded http://www.securityfocus.com/bid/20496 https://exchange.xforce.ibmcloud.com/vulnerabilities/29501 •
CVE-2006-3961 – McAfee Subscription Manager - Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3961
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. Desbordamiento de búfer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, y QuickClean permite a atacantes con la intervención del usuario ejecutar comandos de su elección a través de paráametros string, los cuales son posteriormente usados en vsprintf. • https://www.exploit-db.com/exploits/16510 http://secunia.com/advisories/21264 http://securitytracker.com/id?1016614 http://ts.mcafeehelp.com/faq3.asp?docid=407052 http://www.eeye.com/html/research/advisories/AD2006807.html http://www.eeye.com/html/research/upcoming/20060719.html http://www.kb.cert.org/vuls/id/481212 http://www.osvdb.org/27698 http://www.securityfocus.com/archive/1/442495/100/100/threaded http://www.securityfocus.com/bid/19265 http://www.vupen. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •