[Am-info] McAfee Security Installer Control System Information Disclosure(OT)
Fred Miller
fmiller@lightlink.com
Thu, 29 Apr 2004 04:43:29 -0400
Interesting, no?
Fred
McAfee Security Installer Control System Information Disclosure
SECUNIA ADVISORY ID:
SA11493
VERIFY ADVISORY:
http://secunia.com/advisories/11493/
CRITICAL:
Less critical
IMPACT:
Exposure of system information, Exposure of sensitive information
WHERE:
From remote
SOFTWARE:
McAfee Security Installer Control 4.x
DESCRIPTION:
Jonathan Payne has discovered a security issue in the McAfee Security
Installer Control (mcinsctl.dll), which can be exploited by malicious
people to gain knowledge of sensitive information.
McAfee Security Installer Control is an ActiveX component, which is
installed on a user's system when downloading products from the
vendor's website. The problem is that values in user accessible
registry keys can be read via the "RegQueryValue()" method in the
"McAfee.com Registry Class" object. This can be exploited by e.g.
tricking a user into visiting a malicious website.
The issue has been confirmed in version 4.0.0.81. Other versions may
also be affected.
SOLUTION:
Delete the affected ActiveX component (mcinsctl.dll).
PROVIDED AND/OR DISCOVERED BY:
Jonathan Payne
-- 
"The only secure Microsoft software is what's still
shrink-wrapped in their warehouse..." (Forno)
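
The following read-only check is an added example, not part of the advisory or the original post. It looks for COM classes whose in-process server is the mcinsctl.dll named above and reports whether the file is still present and whether Internet Explorer's kill bit is set for each class. The advisory gives no CLSID, so classes are located by file name; the kill-bit registry key and the 0x400 flag are the standard Internet Explorer mechanism and are not taken from the advisory.

```powershell
# Added example (not from the advisory): read-only audit for the component
# named in the advisory. Nothing is modified or deleted.
$dllName = 'mcinsctl.dll'   # file name given in the advisory
$killBit = 0x400            # "do not load in Internet Explorer" compatibility flag

# Native and 32-bit (WOW6432Node) registry views; the second exists only on 64-bit Windows.
$views = @(
    @{ Classes = 'Registry::HKEY_CLASSES_ROOT\CLSID'
       Compat  = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Classes = 'Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID'
       Compat  = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

function Test-KillBit {
    param([string]$CompatRoot, [string]$Clsid)
    $key = Join-Path $CompatRoot $Clsid
    if (-not (Test-Path -LiteralPath $key)) { return $false }
    $flags = (Get-Item -LiteralPath $key).GetValue('Compatibility Flags')
    return ($null -ne $flags) -and (($flags -band $killBit) -eq $killBit)
}

function Find-InstallerControl {
    foreach ($view in $views) {
        if (-not (Test-Path -LiteralPath $view.Classes)) { continue }
        foreach ($class in Get-ChildItem -LiteralPath $view.Classes -ErrorAction SilentlyContinue) {
            $inproc = Join-Path $class.PSPath 'InprocServer32'
            if (-not (Test-Path -LiteralPath $inproc)) { continue }
            # The default value of InprocServer32 is the DLL that implements the class.
            $server = [string](Get-Item -LiteralPath $inproc).GetValue('')
            if ($server -notlike "*$dllName*") { continue }
            [pscustomobject]@{
                Clsid       = $class.PSChildName
                Server      = $server
                FilePresent = Test-Path -LiteralPath $server.Trim('"')
                KillBitSet  = Test-KillBit -CompatRoot $view.Compat -Clsid $class.PSChildName
            }
        }
    }
}

Find-InstallerControl | Format-Table -AutoSize
```

A row with FilePresent true and KillBitSet false marks a class that Internet Explorer can still load; no rows means no registration pointing at the file was found in either registry view.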