[Full-disclosure] McAfee EPO Buffer Overflow

2006-10-02T00:00:00
ID SECURITYVULNS:DOC:14522
Type securityvulns
Reporter Securityvulns
Modified 2006-10-02T00:00:00

Description

McAfee Epolicy 3.5.0 / Protection Pilot 1.1.0 Buffer Overflow

www.remote-exploit.org

muts {at} remote-exploit org

[-] Product Information

McAfeeR ePolicy OrchestratorR is a security management solution that gives you a coordinated defense against malicious threats and attacks. As your central hub, you can keep protection up to date; configure and enforce protection policies; and monitor security status from one centralized console.

[-] Vulnerability Description

McAfeeR ePolicy OrchestratorR contains a pre-authentication buffer overflow vulnerability in NAISERV.exe. Protection Pilot 1.1.0 uses the same HTTP server, and is also vulnerable.

[-] Exploit

Proof of concept exploit code is available at http://www.remote-exploit.org/exploits/mcafee_epolicy_source.pm

[-] Exploitation Details

http://www.remote-exploit.org/advisories/mcafee-epo.pdf

[-] Vendor Status

Vendor was notified July 14th, 2006. ehm.

[-] Credits

The vulnerability was discovered by Mati Aharoni (muts) and xbxice.

[-] Shameless Promotion

Get ready for BackTrack v.2.0!


Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/