TTCSIRT-028.073117: TT-CSIRT Advisory – McAfee Security Updates
McAfee has released a security bulletin to address multiple vulnerabilities in Web Gateway:
a) CVE-2012-6706 – a VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution.
b) CVE-2017-1000364 – an issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be “jumped” over (the stack guard page is bypassed).
c) CVE-2017-1000366 – glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution.
d) CVE-2017-1000368 – sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.
| Further information on this security bulletin and how the vulnerabilities can be fixed are available on the McAfee Website at https://kc.mcafee.com/corporate/index?page=content&id=SB10205&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=en_US |