McAfee Multiple Product ePolicy Orchestrator Crafted Packet Remote Overflow

2007-07-10T17:23:40
ID OSVDB:36100
Type osvdb
Reporter Neel Mehta()
Modified 2007-07-10T17:23:40

Description

Vulnerability Description

A remote overflow exists in McAfee Common Management Agent. The CMA agent fails to check proper bounds on certain packets resulting in a heap-based overflow. With a specially crafted request, an attacker can cause arbitrary code execution or trigger a denial of service resulting in a loss of confidentiality and/or availability.

Solution Description

Upgrade to McAfee Common Management Agent 3.6.0 Patch 1 (3.6.0.546) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in McAfee Common Management Agent. The CMA agent fails to check proper bounds on certain packets resulting in a heap-based overflow. With a specially crafted request, an attacker can cause arbitrary code execution or trigger a denial of service resulting in a loss of confidentiality and/or availability.

References:

Vendor Specific News/Changelog Entry: https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html Security Tracker: 1018363 Secunia Advisory ID:26029 Related OSVDB ID: 36098 Related OSVDB ID: 36099 Related OSVDB ID: 36101 Other Advisory URL: http://www.iss.net/threats/269.html Nessus Plugin ID:25702 ISS X-Force ID: 31164 FrSIRT Advisory: ADV-2007-2498 CVE-2006-5273 Bugtraq ID: 24863