SAINT CorporationSAINT:7457214B581EE3547BE4D4D906FB4B37McAfee ePolicy Orchestrator SiteManager ActiveX buffer overflow
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.875 High
EPSS
Percentile
98.3%
Added: 03/22/2007
CVE: CVE-2007-1498
BID: 22952
OSVDB: 33796
Background
ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by **sitemanager.dll**.
Problem
A buffer overflow vulnerability in the SiteManager ActiveX control allows command execution when the **VerifyPackageCatalog** function is called with a long argument.
Resolution
Apply one of the patches referenced in McAfee Document ID 612495 or 612496.
References
<http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0162.html>
Limitations
Exploit works on McAfee ePolicy Orchestrator 3.6.1 with **sitemanager.dll** version 3.6.1.166.
A user must load the exploit page into Internet Explorer in order for the exploit to succeed.
Platforms
Windows 2000
Windows XP
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.875 High
EPSS
Percentile
98.3%