Vulnerability CVE-2008-1357


Published: 2008-03-17   Modified: 2012-02-12

Description:
Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8.

See advisories in our WLB2 database:
Topic
Author
Date
High
Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0)
Luigi Auriemma
17.03.2008

Type:

CWE-134

(Uncontrolled Format String)

Vendor: Mcafee
Product: Agent 
Version: 4.0;
Product: Epolicy orchestrator 
Version: 4.0;
Product: CMA 
Version:
3.6.574
3.6.546
3.6.453
3.6.438
3.5.5.438
3.0.6.453
Product: Mcafee framework 
Version: 3.6.569;

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.4/10
6.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
https://knowledge.mcafee.com/article/234/615103_f.sal_public.html
http://xforce.iss.net/xforce/xfdb/41178
http://www.vupen.com/english/advisories/2008/0866/references
http://www.securitytracker.com/id?1019609
http://www.securityfocus.com/bid/28228
http://www.securityfocus.com/archive/1/archive/1/489476/100/0/threaded
http://secunia.com/advisories/29337
http://aluigi.altervista.org/adv/meccaffi-adv.txt
http://securityreason.com/securityalert/3748

Related CVE
CVE-2018-10381
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call pub...
CVE-2017-3971
Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyphers.
CVE-2017-3969
Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate implementation of SSL.
CVE-2017-3967
Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTM...
CVE-2017-3966
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the...
CVE-2017-3965
Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system informati...
CVE-2017-3964
Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter.
CVE-2017-4028
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.

Copyright 2018, cxsecurity.com

 

Back to Top