McAfee VirusScan Enterprise 8.0.0 Buffer Overflow

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: McAfee VirusScan Enterprise 8.0.0 Buffer Overflow
From: johndoe1529@xxxxxxxxx
Date: 7 Jul 2006 01:00:52 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

A local Buffer Overflow was discovered in McAfee VirusScan Enterprise 8.0.0.
The overflow can be triggered within the "Buffer OverFlow Protection 
Properties" by creating a buffer overflow exclusion. Then fill each field
with data, and click ok, and apply
Process name: AAAAAAAAAAAAAAAAA......etc
Module name: AAAAAAAAAAAAAAAAAA......etc
API name: AAAAAAAAAAAAAAAAAAAAA......etc

This will trigger various exceptions based on amount of data added to each 
field.

This will DoS the AV . McAfee AV will not run correctly again until Buffer 
Overflow Protection is disabled or the Buffer Overflow Exclusion is removed.

Prev by Date: Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006)
Next by Date: Mico crashes when contected with wrong IOR / DoS
Previous by thread: Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006)
Next by thread: Mico crashes when contected with wrong IOR / DoS
Index(es):
- Date
- Thread