漏洞类别:CGI
漏洞等级: 
漏洞信息
McAfee Web Gateway Anti-Malware Engine, part of McAfee Web Protection, is a powerful in-line technology designed to protect against contemporary threats delivered via HTTP and HTTPS channels, taking web exploit detection, zero-day, and targeted threat prevention to the next level.
McAfee Web Gateway uses a version of 'glibc' which was found vulnerable to stack guard page bypass and arbitrary code execution via LD_LIBRARY_PATH values.
Affected Versions:
McAfee Web Gateway prior to version 7.6.2.16
McAfee Web Gateway prior to version 7.7.2.4
QID Detection Logic:
This QID retrieves McAfee Web Gateway version over port 9090 and checks to see if it's vulnerable.
漏洞危害
An unauthenticated attacker could exploit this vulnerability to execute arbitrary code on the system.
解决方案
0daybank
文章评论