Security flaw in McAfee enterprise software gives attackers root access
Security researcher Andrew Fasano from MIT Lincoln Laboratory said this week that a total of 10 security flaws, if chained together, allow remote code execution as the root user.
"At a first glance, Intel's McAfee VirusScan Enterprise for Linux has all the best characteristics that vulnerability researchers love: it runs as root, it claims to make your machine more secure, it's not particularly popular, and it looks like it hasn't been updated in a long time," the security advisory reads. "When I noticed all these, I decided to take a look."
The vulnerabilities are present from at least VirusScan Enterprise for Linux version 1.9.2 through 2.0.2, which was released in April this year. "The only difference from the older release appears to be updating to a newer version of libc which makes exploiting these vulnerabilities easier," Fasano says.