McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Internet_security_suite | Mcafee | * | * |
| Network_agent | Mcafee | 1.0.178.0 (including) | 1.0.178.0 (including) |
| Personal_firewall_plus | Mcafee | * | * |
| Virusscan | Mcafee | * | * |
References
- http://secunia.com/advisories/22371
- http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
- http://securityreason.com/securityalert/1750
- http://securitytracker.com/id?1017057
- http://www.securityfocus.com/archive/1/448546/100/0/threaded
- http://www.securityfocus.com/bid/20496
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29501
- http://secunia.com/advisories/22371
- http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html
- http://securityreason.com/securityalert/1750
- http://securitytracker.com/id?1017057
- http://www.securityfocus.com/archive/1/448546/100/0/threaded
- http://www.securityfocus.com/bid/20496
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29501