Vigil@nce - McAfee Application Control: code execution on Linux
November 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When McAfee Application Control is installed on Linux, an
authenticated attacker can change binaries, in order to execute
malicious code.
Impacted products: McAfee Application Control
Severity: 2/4
Creation date: 06/11/2013
DESCRIPTION OF THE VULNERABILITY
The McAfee Application Control product can be installed on Linux.
However, writing permissions are not correctly managed. Technical
details are unknown.
When McAfee Application Control is installed on Linux, an
authenticated attacker can therefore change binaries, in order to
execute malicious code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/McAfee-Application-Control-code-execution-on-Linux-13713