| VID |
28159 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The McAfee ePolicy Orchestrator, according to its version number, has a buffer overflow vulnerability. McAfee ePolicy Orchestrator(ePO) is the all-in-one tool for centralized, enterprise-class system security management and reporting. McAfee ePolicy Orchestrator version 3.5.0 patch 5 and earlier versions are vulnerable to a buffer overflow vulnerability, caused by improper bounds checking of source headers. By sending a request containing an overly long source header, a remote attacker could overflow a buffer and execute arbitrary code on the affected host.
* Note: This check solely relied on the version number of the McAfee ePolicy Orchestrator program installed on the remote system to assess this vulnerability, so this might be a false positive.
* References:
http://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=8611438&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=8611438
http://www.milw0rm.com/exploits/2467
http://secunia.com/advisories/22222/
* Platforms Affected:
McAfee, Inc., McAfee ePolicy Orchestrator version 3.5.0 patch 5 and earlier versions
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of McAfee ePolicy Orchestrator (3.5.0 Patch 6), available from the McAfee ePolicy Orchestrator Download Web site at http://www.mcafee.com/us/enterprise/downloads/index.html |
| Related URL |
CVE-2006-5156 (CVE) |
| Related URL |
20288 (SecurityFocus) |
| Related URL |
29307 (ISS) |
|
