SAINT CorporationSAINT:2027EED3722170728B6FC6EC34E3D4A0McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.875 High
EPSS
Percentile
98.3%
Added: 05/11/2007
CVE: CVE-2007-1498
BID: 22952
OSVDB: 33796
Background
ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by **sitemanager.dll**.
Problem
A buffer overflow vulnerability in the SiteManager ActiveX control allows command execution when the **ExportSiteList** function is called with a long argument.
Resolution
Apply one of the patches referenced in McAfee Document ID 612495 or 612496.
References
<http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0162.html>
Limitations
Exploit works on McAfee ePolicy Orchestrator 3.6.1 (sitemanager.dll 3.6.1.166) on Windows 2000 SP4 and Windows XP SP1 and requires a user to load the exploit page into Internet Explorer.
Platforms
Windows 2000 SP4
Windows XP SP1
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.875 High
EPSS
Percentile
98.3%