7 matches found
McAfee ePolicy Orchestrator Remote Code Execution (CVE-2013-0140; CVE-2013-0141)
A remote code execution vulnerability has been reported in McAfee ePolicy Orchestrator ePO. The vulnerability is due to an error in the ePO server that fails to properly sanitize user supplied data. A remote attacker can exploit this weakness to execute arbitrary code via a specially crafted http...
McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities
McAfee ePolicy Owner ePowner version 0.1 is an exploit that can add an administrative user to McAfee ePolicy Orchestrator as well as execute arbitrary commands on versions 4.6.0 through 4.6.5. Exploit Title: McAfee ePolicy Orchestrator 4.6.0-4.6.5 ePowner - Multiple vulnerabilities Date: 20...
McAfee ePolicy Orchestrator (ePO) Multiple Vulnerabilities-01 (Aug 2013)
McAfee ePolicy Orchestrator is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
TA13-193A: Exploit Tool Targets Vulnerabilities in McAfee ePolicy Orchestrator (ePO)
US Computer Emergency Readiness Team banner graphic National Cyber Awareness System: TA13-193A: Exploit Tool Targets Vulnerabilities in McAfee ePolicy Orchestrator ePO 07/12/2013 02:19 PM EDT Original release date: July 12, 2013 Systems Affected McAfee ePolicy Orchestrator ePO Overview A new...
CVE-2013-0141
Directory traversal vulnerability in McAfee ePolicy Orchestrator ePO before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the Agent-Server communication channel, as demonstrated by writing to the Software/ directory...
CVE-2013-0141
Summary (CVE-2013-0141): A directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) allows a remote attacker to upload arbitrary files via a crafted request over the Agent-Server communication channel, demonstrated by writing to the Software/ directory. It affects ePO versions prior...
McAfee ePolicy Orchestrator 4.6.4 and earlier pre-authenticated SQL injection and directory path traversal vulnerabilities
Overview McAfee ePolicy Orchestrator 4.6.4 and earlier contains a pre-authenticated sql injection and directory path traversal vulnerability which could allow an attacker to inject malicious code into the system. Description McAfee ePolicy Orchestrator 4.6.4 and earlier contains a pre-authenticat...