|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Wed Mar 14 2007 - 04:47:05 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_vacancies/
Secunia is looking for new researchers with a reversing background
and experience in writing exploit code:
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
http://secunia.com/Disassembling_og_Reversing/
----------------------------------------------------------------------
TITLE:
McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control Buffer
Overflows
SECUNIA ADVISORY ID:
SA24466
VERIFY ADVISORY:
http://secunia.com/advisories/24466/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
McAfee ePolicy Orchestrator 3.x
http://secunia.com/product/1943/
McAfee ProtectionPilot 1.x
http://secunia.com/product/5538/
DESCRIPTION:
cocoruder has reported some vulnerabilities in McAfee ePolicy
Orchestrator and ProtectionPilot, which can be exploited by malicious
people to compromise a user's system.
The vulnerabilities are caused due to boundary errors within the
SITEMANAGER.DLL ActiveX Control when processing arguments passed to
the "ExportSiteList()" and "VerifyPackageCatalog()" methods. These
can be exploited to cause stack-based buffer overflows via an overly
long string passed as argument to the affected methods.
Successful exploitation allows execution of arbitrary code.
The vulnerabilities affect the following products:
* McAfee ePolicy Orchestrator 3.5.0 (Patch 5 and earlier)
* McAfee ePolicy Orchestrator 3.6.0 (Patch 5 earlier)
* McAfee ePolicy Orchestrator 3.6.1
* McAfee ProtectionPilot 1.1.1 (Patch 3 and earlier)
* McAfee ProtectionPilot 1.5.0
SOLUTION:
Apply hotfix/patch.
https://mysupport.mcafee.com/eservice_enu/start.swe
McAfee ePolicy Orchestrator 3.5.0 (Patch 7 and earlier):
Apply hotfix EPO350HF323550.
McAfee ePolicy Orchestrator 3.6.0 (Patch 5 earlier):
Apply hotfix EPO360HF323553.
McAfee ePolicy Orchestrator 3.6.1:
Apply Patch 1.
McAfee ProtectionPilot 1.1.1 (Patch 3 and earlier):
Apply hotfix PRP111HF323555.
McAfee ProtectionPilot 1.5.0:
Apply hotfix PRP150HF323558.
PROVIDED AND/OR DISCOVERED BY:
cocoruder, Fortinet Security Research Team.
ORIGINAL ADVISORY:
Full Disclosure:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html
McAfee:
https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html
https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]