McAfee Encrypted USB Manager Remote Security Bypass Vulnerability Network Vulnerability

Summary

The host is running McAfee Encrypted USB Manager, which is prone to sensitive information disclosure vulnerability.

Impact

Remote exploitation could lead an attacker towards password guessing. Impact Level : Application

Solution

Apply Service Pack 1, http://download.nai.com/products/patches/EncryptedUSB/ServicePack1-McAfeeEncryptedUSBManagerv3.zip OR Upgrade to latest McAfee Encrypted USB Manager, http://mcafee.com

Insight

The issue is caused when the password policy, 'Re-use Threshold' is set to non-zero value.

Affected

McAfee Encrypted USB Manager 3.1.0.0 on Windows (All).

References

http://secunia.com/advisories/31433/
http://www.mcafee.com/apps/downloads/security_updates/hotfixes.asp?region=us&segment=enterprise

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3605
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

McAfee Encrypted USB Manager Remote Security Bypass Vulnerability
BlackBerry Desktop Software Security Bypass Vulnerability

Take action and discover your vulnerabilities