Description
Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory.
Affected products
- McAfee / virusscan4510e
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/23429
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/30898
- VENDOR_ADVISORYhttp://secunia.com/advisories/23278
- MISChttp://securitytracker.com/id?1017385
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/5023
- MISChttp://www.securityfocus.com/bid/21592
- MISChttp://security.gentoo.org/glsa/glsa-200612-15.xml