McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control Buffer Overflows

Posted on Wednesday, March 14, 2007 @ 07:01:18 PDT in Security
by Raven



CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

McAfee ePolicy Orchestrator 3.x -
McAfee ProtectionPilot 1.x -

DESCRIPTION: cocoruder has reported some vulnerabilities in McAfee ePolicy Orchestrator and ProtectionPilot, which can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the SITEMANAGER.DLL ActiveX Control when processing arguments passed to the "ExportSiteList()" and "VerifyPackageCatalog()" methods. These can be exploited to cause stack-based buffer overflows via an overly long string passed as argument to the affected methods. Successful exploitation allows execution of arbitrary code.

The vulnerabilities affect the following products:
* McAfee ePolicy Orchestrator 3.5.0 (Patch 5 and earlier)
* McAfee ePolicy Orchestrator 3.6.0 (Patch 5 earlier)
* McAfee ePolicy Orchestrator 3.6.1
* McAfee ProtectionPilot 1.1.1 (Patch 3 and earlier)
* McAfee ProtectionPilot 1.5.0

Apply hotfix/patch.

McAfee ePolicy Orchestrator 3.5.0 (Patch 7 and earlier): Apply hotfix EPO350HF323550.
McAfee ePolicy Orchestrator 3.6.0 (Patch 5 earlier): Apply hotfix EPO360HF323553.
McAfee ePolicy Orchestrator 3.6.1: Apply Patch 1.
McAfee ProtectionPilot 1.1.1 (Patch 3 and earlier): Apply hotfix PRP111HF323555.
McAfee ProtectionPilot 1.5.0: Apply hotfix PRP150HF323558.

PROVIDED AND/OR DISCOVERED BY: cocoruder, Fortinet Security Research Team.

Full Disclosure:
click Related        click Share
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 370,004,374
  • Today: 51,400
Server InfoServer Info
  • Oct 23, 2018
  • 01:59 pm PDT

Daily Inspiration