From a24567fbc43f221b14e805f9bc0b7c6d16911c46 Mon Sep 17 00:00:00 2001 From: Alex Legler Date: Sun, 8 Mar 2015 22:02:38 +0100 Subject: Import existing advisories --- glsa-200612-15.xml | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 glsa-200612-15.xml (limited to 'glsa-200612-15.xml') diff --git a/glsa-200612-15.xml b/glsa-200612-15.xml new file mode 100644 index 00000000..e6d0ef63 --- /dev/null +++ b/glsa-200612-15.xml @@ -0,0 +1,70 @@ + + + + + + + McAfee VirusScan: Insecure DT_RPATH + + McAfee VirusScan for Linux is distributed with an insecure DT_RPATH, + potentially allowing a remote attacker to execute arbitrary code. + + vlnx + December 14, 2006 + December 14, 2006: 01 + 156989 + remote + + + 4510e + + + +

+ McAfee VirusScan for Linux is a commercial antivirus solution for + Linux. +

+ + +

+ Jakub Moc of Gentoo Linux discovered that McAfee VirusScan was + distributed with an insecure DT_RPATH which included the current + working directory, rather than $ORIGIN which was probably intended. +

+ + +

+ An attacker could entice a VirusScan user to scan an arbitrary file and + execute arbitrary code with the privileges of the VirusScan user by + tricking the dynamic loader into loading an untrusted ELF DSO. An + automated system, such as a mail scanner, may be subverted to execute + arbitrary code with the privileges of the process invoking VirusScan. +

+ + +

+ Do not scan files or execute VirusScan from an untrusted working + directory. +

+ + +

+ As VirusScan verifies that it has not been modified before executing, + it is not possible to correct the DT_RPATH. Furthermore, this would + violate the license that VirusScan is distributed under. For this + reason, the package has been masked in Portage pending the resolution + of this issue. +

+ + # emerge --ask --verbose --unmerge "app-antivirus/vlnx" + + + CVE-2006-6474 + + + taviso + + + falco + + -- cgit v1.2.3-65-gdbad