McAfee Multiple Product ePolicy Orchestrator Crafted UDP Packet Remote Overflow

2007-07-10T17:23:40
ID OSVDB:36098
Type osvdb
Reporter Neel Mehta()
Modified 2007-07-10T17:23:40

Description

Vulnerability Description

A remote overflow exists in McAfee Common Management Agent. The CMA agent is vulnerable to an integer underflow resulting in a stack corruption. With a specially crafted UDP packet, an attacker can cause remote code execution resulting in a loss of integrity.

Solution Description

Upgrade to McAfee Common Management Agent 3.6 patch 1 (3.6.0.546) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in McAfee Common Management Agent. The CMA agent is vulnerable to an integer underflow resulting in a stack corruption. With a specially crafted UDP packet, an attacker can cause remote code execution resulting in a loss of integrity.

References:

Vendor Specific News/Changelog Entry: https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html Security Tracker: 1018363 Secunia Advisory ID:26029 Related OSVDB ID: 36100 Related OSVDB ID: 36099 Related OSVDB ID: 36101 Other Advisory URL: http://www.iss.net/threats/269.html Nessus Plugin ID:25702 ISS X-Force ID: 31162 FrSIRT Advisory: ADV-2007-2498 CVE-2006-5271 Bugtraq ID: 24863