Vulnerability CVE-2006-5156


Published: 2006-10-05   Modified: 2012-02-12

Description:
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.

Vendor: Mcafee
Product: Epolicy orchestrator 
Version: 3.5.0; 3.0;
Product: Protectionpilot 
Version: 1.1.1;

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.kb.cert.org/vuls/id/842452
http://www.securityfocus.com/bid/20288
http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&externalId=8611438&sliceId=SAL_Public&dialogID=2997768&stateId=0%200%202995803
http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt
http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt
http://www.vupen.com/english/advisories/2006/3861
http://www.remote-exploit.org/advisories/mcafee-epo.pdf
http://secunia.com/advisories/22222
http://xforce.iss.net/xforce/xfdb/29307
http://www.osvdb.org/29421
http://securitytracker.com/id?1016971
http://securitytracker.com/id?1016970
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html
http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html

Related CVE
CVE-2019-3621
Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked o...
CVE-2019-3622
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe lo...
CVE-2019-3595
Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privil...
CVE-2019-3591
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated remote user to trigger specially crafted JavaScript to...
CVE-2019-3592
Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA direct...
CVE-2019-3619
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic betwe...
CVE-2019-3632
Directory Traversal vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to gain elevated privileges via specially crafted input.
CVE-2019-3631
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows authenticated user to execute arbitrary code via specially crafted parameters.

Copyright 2019, cxsecurity.com

 

Back to Top