OSVDB ID: 5626

Title: McAfee ePolicy Orchestrator HTTP POST spipe/file Handler Arbitrary File Creation

Info

Disclosure

Apr 23, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

McAfee ePolicy Orchestrator contains a flaw that may allow a malicious user to execute arbitrary code with system privileges. The flaw is due to the server not properly sanitizing HTTP POST requests. If an attacker supplies a specially crafted request, they may be able to create arbitrary files. With the right files, it is possible to create an installation package that would be executed under some circumstances, allowing arbitrary commands and files to be run with the privileges of the ePo server.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Disclosure: OSVDB Verified
OSVDB: Web Related, Security Software

Solution

Upgrade to version 2.5.1 Patch 14 or higher or 3.0 SP2a Patch 4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

McAfee, Inc.	ePolicy Orchestrator	2.5.1 Patch 13
		3.0 SP2a Patch 3

References

Bugtraq ID: 10200
Secunia Advisory ID: 11471
ISS X-Force ID: 14166
CVE ID: 2004-0038 (see also: NVD)
Keyword: EPO25114 EPO3024 TCP Port 81
Vendor Specific Solution URL: http://download.nai.com/products/patches/ePO/v2.x/EPO25114.zip
http://download.nai.com/products/patches/ePO/v3.0/EPO3024.ZIP
Vendor Specific Advisory URL: http://download.nai.com/products/patches/ePO/v2.x/Patch14.txt
Other Advisory URL: http://xforce.iss.net/xforce/alerts/id/173

Credit

Ben Layer - ISS X-Force

Direct URL: http://osvdb.org/5626

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

McAfee, Inc.

ePolicy Orchestrator

References

Credit