فا

‫ McAfee Multiple Products OpenSSL Multiple Vulnerabilities

ID: IRCAD2015043854
Release Date: 2015-04-02
Criticality level: Highly critical
Software:
McAfee Asset Manager 6.x
McAfee Email Gateway 7.x
McAfee Firewall Enterprise (formely Sidewinder Firewall) 7.x
McAfee Firewall Enterprise 8.x
McAfee Next Generation Firewall (NGFW) 5.x
McAfee SSL VPN (formerly Stonesoft SSL VPN) 1.x
McAfee Web Gateway 7.x
McAfee Agent 4.x
McAfee Agent 5.x
McAfee Endpoint Intelligence Agent 2.x
McAfee ePO Deep Command 1.x
McAfee ePO Deep Command 2.x
McAfee ePolicy Orchestrator 4.x
McAfee ePolicy Orchestrator 5.x
McAfee Firewall Enterprise Control Center 5.x
McAfee Quarantine Manager 7.x
McAfee Security Information and Event Management (SIEM) 8.x
McAfee Security Information and Event Management (SIEM) 9.x
McAfee VirusScan Enterprise for Linux 1.x
McAfee VirusScan Enterprise for Linux 2.x
McAfee Vulnerability Manager 7.x
Description:
McAfee has acknowledged multiple vulnerabilities in multiple McAfee products, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused due to a bundled vulnerable version of OpenSSL.
The vulnerabilities are reported in the following products and versions (please see the vendor's advisory concerning CVEs in relation to products):
* McAfee Endpoint Intelligence Agent versions 2.0 through 2.4
* McAfee Email Gateway versions 7.6 and 7.7
* McAfee Firewall Enterprise versions 7.0.1.02, 7.0.1.03, 8.1.x, 8.2.x, and 8.3.x
* McAfee Firewall Enterprise Control Center versions 5.2.x and 5.3.x
* McAfee Quarantine Manager versions 7.x
* McAfee Web Gateway versions 7.x
* McAfee Next Generation Firewall (NGFW) versions 5.x
* McAfee Security Information and Event Management (SIEM) versions 8.x and 9.x
* McAfee ePO Deep Command versions 1.0, 1.5, 2.0, 2.1, and 2.2
* McAfee ePolicy Orchestrator versions 4.6.x, 5.1.x, and 5.3.x
* McAfee Agent versions 4.6 and 5.0
* McAfee Asset Manager versions 6.x
* McAfee Vulnerability Manager version 7.5
* McAfee VirusScan Enterprise for Linux versions 1.7, 1.8, 1.9.x, and 2.0.x
* McAfee SSL VPN versions 1.5.x
Solution
Apply fixes if available. Please see the vendor's advisory for details.
References:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 6 اردیبهشت 1394

امتیاز

امتیاز شما
تعداد امتیازها:0