Remote DoS Vulnerability in McAfee Network Agent Applications
CVE-2006-5417

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan; Personal Firewall Plus; Internet Security Suite; Network Agent
Vendor: CVE Published:; 20 October 2006

Summary

The McAfee Network Agent (mcnasvc.exe) version 1.0.178.0 is susceptible to a denial of service attack that can be exploited by sending a specially crafted long packet. This packet can cause the agent to crash, leading to service disruptions across multiple McAfee products such as the Internet Security Suite, Personal Firewall Plus, and VirusScan. The issue arises due to an invalid string position field value within the agent, making it critical for users to apply available patches and updates to mitigate risks.

References

http://www.securityfocus.com/archive/1/448546/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securitytracker.com/id?1017057

vdb-entryx_refsource_SECTRACK

http://securitydot.net/xpl/exploits/vulnerabilities/artic...

x_refsource_MISC

Timeline

Vulnerability published
Oct 20, 2006
Vulnerability Reserved
Oct 19, 2006