Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2018.0230
McAfee fixes 7-zip vulnerability in DLP Monitor and DLP Prevent
5 October 2018
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: McAfee Data Loss Prevention Monitor
McAfee Data Loss Prevention Prevent
Operating System: Windows
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Denial of Service -- Existing Account
Resolution: Patch/Upgrade
Member content until: Sunday, November 4 2018
Reference: ESB-2018.1385
OVERVIEW
A vulnerability has been identified in McAfee DLP Monitor and
DLP Prevent prior to version 11.0.600-3489.103. [1]
IMPACT
McAfee has provided the following information:
"Vulnerability Description
CVE-2018-10115
Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and
earlier can lead to usage of uninitialized memory, allowing remote attackers to
cause a denial of service (segmentation fault) or execute arbitrary code via a
crafted RAR archive.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6515" [1]
MITIGATION
McAfee advises updating installations of DLP Monitor and DLP Prevent
to 11.0.600-3489.103 or later. [1]
REFERENCES
[1] McAfee Security Bulletin - DLP Monitor and DLP Prevent 11 update
fixes 7-Zip vulnerability (CVE-2018-10115)
https://kc.mcafee.com/corporate/index?page=content&id=SB10251
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBW7b7QGaOgq3Tt24GAQjVlBAAy4+ENqHGJIH5CKmUXf9u/C9D8LAgtmqB
CLf+361EoNTOuxyUZf60hmFdnlhwCvMw1VfdE3cc4YH/S8cnBRhlaOiXlRiJ4K6H
xJUdZtL4GPg/8ExBXyY9qrEh35VVPbN6Bt+disBQT2SiSncrMA4/UyBoXfSDkLxx
fBCw4AcHH9fr2fu33Ux+5mCxC7+L6lwTwa1RxduJQ8gfEP/L/QUQJ5Jp9ks+dzx2
V0XkZwN2FevrdfFkgY/t84PUuieKw9vl5LBsft+yv43PFKWynUSb7UrA5tT+4uVK
Iw0LLVKrOpjfYbfBd2OfcShM9sUvqYkSYxXmKism8wIVWpCSJsTMYIxwZvkaxgCf
MAS2+GoMwVr7JdUunEwWw8gn4tfFj8ldFtI7DnFmE4wVX47vYsrIpuL8k1+B8tGs
grIqwtJtji7V93dXTahc0LiLQZ1hzXHvlGp3jPdMfBF6FhAh8BCtj7ON9QHyM5dY
lUXmq512MW2cgDRD6ov7TvQI1w28bG1E/INdDevyT7mIC7z06ovxWyvCOAg67t+c
Ddql+iECTY+dzpM6XTrsIp7RVCHLBtRc665Ffz/asCu0L7YnJ1cg5NzBA/pBVnVX
G1G91nm91u7s6TzAf04ox4ZAxXiCACCXMEGaVwcpMgsVOkQKtTmTMUgqghqqUkOm
9ig40zBBl98=
=NC/N
-----END PGP SIGNATURE-----