Government of the Republic of Trinidad and Tobago

TTCSIRT-028.073117: TT-CSIRT Advisory – McAfee Security Updates


McAfee has released a security bulletin to address multiple vulnerabilities in Web Gateway:

a) CVE-2012-6706 – a VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 and other products, that can lead to arbitrary code execution.

b) CVE-2017-1000364 – an issue was discovered in the size of the stack guard page on Linux: a 4k stack guard page is not sufficiently large and can be “jumped” over (the stack guard page is bypassed).

c) CVE-2017-1000366 – glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution.

d) CVE-2017-1000368 – sudo version 1.8.20p1 and earlier is vulnerable to an input validation issue (embedded newlines) in the get_process_ttyname() function, resulting in information disclosure and command execution.

Further information on this security bulletin and how the vulnerabilities can be fixed are available on the McAfee Website at