McAfee ePolicy Orchestrator MSDE SA Account Compromise

2003-07-31T00:00:00
ID OSVDB:2351
Type osvdb
Reporter Andreas Junestam(andreas@atstake.com)
Modified 2003-07-31T00:00:00

Description

Vulnerability Description

McAfee ePolicy Orchestrator contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by issuing a properly formatted HTTP request to the ePO Server to get the server config file. This config file contains username and encrypted password for the database administrator of the MSDE installation. With this information, an attacker could decrypt the password, which could then be used to launch further attacks against the affected system.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, McAfee has released a patch to address this vulnerability.

Short Description

McAfee ePolicy Orchestrator contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by issuing a properly formatted HTTP request to the ePO Server to get the server config file. This config file contains username and encrypted password for the database administrator of the MSDE installation. With this information, an attacker could decrypt the password, which could then be used to launch further attacks against the affected system.

References:

Vendor Specific Solution URL: http://www.networkassociates.com/us/downloads/updates/hotfixes.asp Vendor Specific Advisory URL Security Tracker: 1007356 Secunia Advisory ID:9413 Related OSVDB ID: 5636 Related OSVDB ID: 5637 Related OSVDB ID: 5635 Other Advisory URL: http://www.atstake.com/research/advisories/2003/a073103-1.txt Keyword: ePO ISS X-Force ID: 12787 CVE-2003-0148 Bugtraq ID: 8319