heise Security IT security news and services at heise Security UK
10 January 2008, 12:08

McAfee fixes vulnerability in E-Business Server

Security consultancy Infigo has discovered a vulnerability in McAfee's E-Business Server that could allow an attacker to bypass authentication and execute arbitrary code.

McAfee's E-Business Server normally leaves TCP port 1718 open, but the software is unable to deal with oversized authentication packets, which cause it to crash. McAfee has admitted the vulnerability could also be used to execute code.

The researchers at Infigo discovered the problem in version 8.5.2 of E-Business Server for Windows and Linux, although McAfee has accepted that older versions are also vulnerable. The company has made version 8.5.3, which fixes the problem, available for download to registered users. No fix is available for the Linux version yet. Administrators should download and install the newest Windows version as soon as possible. McAfee also recommends using a firewall to restrict port 1718 to trusted clients.

(jbe)