CVE-2006-6474

Name of the Vulnerable Software and Affected Versions McAfee VirusScan for Linux versions 4510e and earlier

Description The issue concerns an untrusted search path vulnerability. It includes the current working directory in the DT RPATH environment variable, allowing local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory.

Recommendations For McAfee VirusScan for Linux versions 4510e and earlier, consider restricting access to the DT RPATH environment variable to prevent local users from loading arbitrary ELF DSO libraries until a patch is available.