Lexa Software: Security-Alerts@yandex-team.ru archive

		Apache-Talk @lexa.ru
		Inet-Admins @info.east.ru
		Filmscanners @halftone.co.uk
		Security-alerts @yandex-team.ru
		nginx-ru @sysoev.ru

СТАТЬИ

ПЕРСОНАЛЬНОЕ

ПРОГРАММЫ

ПИШИТЕ
ПИСЬМА

АРХИВ :: Security-alerts

Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] McAfee EPO Buffer Overflow exploit

To: <security-alerts@xxxxxxxxxxxxxx>
Subject: [security-alerts] McAfee EPO Buffer Overflow exploit
From: "Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>
Date: Tue, 3 Oct 2006 11:40:19 +0400
Content-class: urn:content-classes:message
List-archive: <http://www.lexa.ru/security-alerts/> (Web Archive)
List-id: <security-alerts.yandex-team.ru>
List-subscribe: <mailto:majordomo@yandex-team.ru?body=subscribe%20security-alerts>
List-unsubscribe: <mailto:majordomo@yandex-team.ru?body=unsubscribe%20security-alerts>
Thread-index: AcbmVXw8JK1bN4MURR+GQIEns3wXpQAZkdEQ
Thread-topic: McAfee EPO Buffer Overflow exploit

> 
> Message: 2
> Date: Mon, 2 Oct 2006 03:55:37 +0200
> From: "muts" <muts@xxxxxxxxxxxxxxxxxx>
> Subject: [Full-disclosure] McAfee EPO Buffer Overflow
> To: <full-disclosure@xxxxxxxxxxxxxxxxx>
> Message-ID: <000f01c6e5c5$dbd20510$2100a8c0@kamau>
> Content-Type: text/plain;     charset="us-ascii"
> 
> ###################################################################
> #                                                             
>       #
> #   McAfee Epolicy 3.5.0 / Protection Pilot 1.1.0 Buffer Overflow #
> #
> #
> #                             www.remote-exploit.org
> #
> #
> #
> #                     muts {at} remote-exploit org                #
> ###################################################################
> 
> [-] Product Information
> 
> McAfeeR ePolicy OrchestratorR is a security management 
> solution that gives
> you a coordinated defense against malicious threats and 
> attacks. As your
> central hub, you can keep protection up to date; configure and enforce
> protection policies; and monitor security status from one centralized
> console.
> 
> [-] Vulnerability Description
> 
> McAfeeR ePolicy OrchestratorR contains a pre-authentication 
> buffer overflow
> vulnerability in NAISERV.exe. Protection Pilot 1.1.0 uses the 
> same HTTP
> server, and is also vulnerable.
> 
> [-] Exploit
> 
> Proof of concept exploit code is available at 
> http://www.remote-exploit.org/exploits/mcafee_epolicy_source.pm
> 
> 
> [-] Exploitation Details
> 
> http://www.remote-exploit.org/advisories/mcafee-epo.pdf
> 
> 
> [-] Vendor Status
> 
> Vendor was notified July 14th, 2006. ehm.
> 
> 
> [-] Credits
> 
> The vulnerability was discovered by Mati Aharoni (muts) and xbxice.
> 
> [-] Shameless Promotion
> 
> Get ready for BackTrack v.2.0!
> 
> 
------------------------------
> 
> Message: 7
> Date: Mon, 02 Oct 2006 15:26:04 +0200
> From: virus@xxxxxxxxx
> Subject: Re: [Full-disclosure] McAfee EPO Buffer Overflow
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Message-ID: <4521136C.2060806@xxxxxxxxx>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> Hi,
> 
> muts wrote:
> > [-] Vendor Status
> > 
> > Vendor was notified July 14th, 2006. ehm.
> 
> and more: Advisory published:
> http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayK
> C&docType=kc&externalId=8611438&sliceId=SAL_Public&dialogID=29
> 97768&stateId=0%200%202995803
> patch already provided.
> 
> GTi
>

Prev by Date: [security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 5 No. 39
Next by Date: [security-alerts] FYI: new NIST documents
Previous by thread: [security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 5 No. 39
Next by thread: [security-alerts] FYI: new NIST documents
Index(es):
- Date
- Thread