Vulnerability CVE-2008-1357


Published: 2008-03-17   Modified: 2011-03-07

Description:
Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8.

See advisories in our WLB2 database:
Topic
Author
Date
High
Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0)
Luigi Auriemma
17.03.2008

Type:

CWE-134

(Uncontrolled Format String)

Vendor: Mcafee
Product: Agent 
Version: 4.0;
Product: Epolicy orchestrator 
Version: 4.0;
Product: CMA 
Version:
3.6.574
3.6.546
3.6.453
3.6.438
3.5.5.438
3.0.6.453
Product: Mcafee framework 
Version: 3.6.569;

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.4/10
6.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
https://knowledge.mcafee.com/article/234/615103_f.sal_public.html
http://xforce.iss.net/xforce/xfdb/41178
http://www.vupen.com/english/advisories/2008/0866/references
http://www.securitytracker.com/id?1019609
http://www.securityfocus.com/bid/28228
http://www.securityfocus.com/archive/1/archive/1/489476/100/0/threaded
http://secunia.com/advisories/29337
http://aluigi.altervista.org/adv/meccaffi-adv.txt
http://securityreason.com/securityalert/3748

Related CVE
CVE-2017-4054
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.
CVE-2017-4055
Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to bypass ATD detection via loose enforcement of authentication and a...
CVE-2017-4057
Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands.
CVE-2017-4052
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator function...
CVE-2017-4053
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.
CVE-2017-3948
Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing sess...
CVE-2017-3980
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session.
CVE-2017-4016
Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header.

Copyright 2017, cxsecurity.com