Title

McAfee Smartfilter Administration Remote Code Execution Vulnerability (Cat I impact)

Discussion

McAfee has released a security advisory addressing a remote code execution vulnerability in Smartfilter Administration. McAfee Smartfilter Administration is a web filtering application. To exploit this vulnerability, a remote attacker would send a malicious .war file without authentication. If successfully exploited, the attacker would gain access to execute arbitrary code and compromise the affected system.

Check Content

See IAVM notice and vendor bulletin for additional information. Vulnerable Applications/Systems: SmartFilter Administration version 4.2.1 and earlier, including the Bess Edition Verify the application's version number by using Help, About or similar menu selections. Ensure the Application/System version is at least the version listed below. SmartFilter Administration 4.2.1.01 or later of either SmartFilter Administration OR SmartFilter Administration, Bess Edition Windows - Alternately, verify the version through the Support information link for the program in Add or Remove Programs or Programs and Features (Vista Forward). To expose the version column in Programs and Features right click somewhere in the column headers, select More and select Version.

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-33691

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.