McAfee DLPe Agent Privilege Escalation Vulnerability on Windows XP (SB10097)

medium Nessus Plugin ID 81247

Synopsis

The remote host is affected by a privilege escalation vulnerability.

Description

The remote Windows XP host is running a version of the McAfee DLPe agent that is affected by a privilege escalation vulnerability, which a local attacker can exploit by sending specially crafted commands to a kernel mode driver.

Solution

Upgrade to McAfee DLPe 9.3 Patch 4 or higher.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=SB10097

Plugin Details

Severity: Medium

ID: 81247

File Name: mcafee_dlpe_SB10097.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 2/9/2015

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 5.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:mcafee:data_loss_prevention_endpoint

Required KB Items: installed_sw/McAfee DLPe Agent

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/20/2015

Vulnerability Publication Date: 1/20/2015

Reference Information

CVE: CVE-2015-1305

BID: 72395

MCAFEE-SB: SB10097