OSVDB ID: 36101

Title: McAfee Multiple Products ePolicy Orchestrator CMA Framework Service Remote Overflow

Info

Disclosure

Jul 10, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in McAfee Common Management Agent (CMA). The CMA agent is vulnerable to an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution or trigger a denial of service resulting in a loss of integrity and/or availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Security Software

Solution

Upgrade to Common Management Agent 3.5.5 patch 2 (3.5.5.580) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

McAfee, Inc.	ProtectionPilot	1.5
		1.1.1
	ePolicy Orchestrator	3.5
		3.6
		3.6.1
	Common Management Agent	3.5.5.438

References

Security Tracker: 1018363
CVE ID: 2006-5274 (see also: NVD)
Bugtraq ID: 24863
Secunia Advisory ID: 26029
ISS X-Force ID: 31165
Related OSVDB ID: 36098 36099 36100
VUPEN Advisory: ADV-2007-2498
Other Advisory URL: http://www.iss.net/threats/269.html
Vendor Specific News/Changelog Entry: https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html

Credit

Neel Mehta - -

Direct URL: http://osvdb.org/36101

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

McAfee, Inc.

ProtectionPilot

ePolicy Orchestrator

Common Management Agent

References

Credit