McAfee Virex automatic updates may not properly authenticate the source of updates. This may allow a remote attacker to execute arbitrary commands on a vulnerable system.
McAfee Virex is anti-virus software for the Mac OS X platform. McAfee Virex 7 for Mac OS X connects to a remote FTP server to retrieve updates. However, Virex fails to properly authenticate the server or the contents of the retrieved updates. This may allow a remote attacker to spoof the update server and its contents, so that arbitrary commands supplied by the attacker are downloaded and executed on a Virex client system.
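The following added example (not McAfee's code and not a description of its patch) sketches how an update client can authenticate update contents independently of the server it downloaded them from. It assumes an Ed25519 vendor key pinned in the client and a signed manifest carrying the payload digest; the Manifest type, VerifyUpdate, Scenarios and the file name defs.dat are hypothetical, and all inputs are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor signed offline by the vendor.
type Manifest struct {
	Name    string
	Version int
	SHA256  [32]byte // digest of the update payload
}

// signedBytes is the exact byte string the signature covers.
func (m Manifest) signedBytes() []byte {
	return []byte(fmt.Sprintf("%q\n%d\n%x\n", m.Name, m.Version, m.SHA256[:]))
}

var (
	ErrSignature = errors.New("manifest not signed by pinned vendor key")
	ErrDigest    = errors.New("payload does not match signed digest")
)

// VerifyUpdate authenticates update contents independently of the transport.
func VerifyUpdate(pinned ed25519.PublicKey, m Manifest, sig, payload []byte) error {
	if !ed25519.Verify(pinned, m.signedBytes(), sig) {
		return ErrSignature // a spoofed server cannot produce a valid signature
	}
	if sha256.Sum256(payload) != m.SHA256 {
		return ErrDigest // genuine manifest, substituted payload
	}
	return nil
}

// Scenarios runs constructed inputs: genuine update, swapped payload, rogue signing key.
func Scenarios() (genuine, swapped, rogue error) {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed vendor key pair
	_, rogueKey, _ := ed25519.GenerateKey(nil) // key held by a spoofed server
	good, evil := []byte("constructed definitions v42"), []byte("constructed substitute")
	m := Manifest{"defs.dat", 42, sha256.Sum256(good)}
	bad := Manifest{"defs.dat", 43, sha256.Sum256(evil)}
	sig := ed25519.Sign(priv, m.signedBytes())
	return VerifyUpdate(pub, m, sig, good), VerifyUpdate(pub, m, sig, evil),
		VerifyUpdate(pub, bad, ed25519.Sign(rogueKey, bad.signedBytes()), evil)
}

func main() { fmt.Println(Scenarios()) }
```

A client built this way refuses to install anything for which VerifyUpdate returns an error, whether the bytes arrived over FTP or any other transport.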
A remote attacker can execute arbitrary commands.
Apply a patch from McAfee Virex
A patch to address this issue is available by visiting the McAfee SecurityCenter and clicking the update button.
Vendor| Status| Date Notified| Date Updated
McAfee| | 01 Dec 2005| 28 Aug 2006
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
Thanks to Anthony Bellissimo, John Burgess, and Kevin Fu for reporting this vulnerability.
This document was written by Jeff Gennari.