McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
Vulnerable Products 4
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Mcafee Internet_Security_Suite
cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*
|
— | — |
|
Mcafee Network_Agent
cpe:2.3:a:mcafee:network_agent:1.0.178.0:*:*:*:*:*:*:*
|
— | — |
|
Mcafee Personal_Firewall_Plus
cpe:2.3:a:mcafee:personal_firewall_plus:*:*:*:*:*:*:*:*
|
— | — |
|
Mcafee Virusscan
cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*
|
— | — |
References 7
http://secunia.com/advisories/22371
cve@mitre.org
http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
cve@mitre.org
http://securityreason.com/securityalert/1750
cve@mitre.org
http://securitytracker.com/id?1017057
cve@mitre.org
http://www.securityfocus.com/archive/1/448546/100/0/threaded
cve@mitre.org
http://www.securityfocus.com/bid/20496
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/29501
cve@mitre.org