cancel
Showing results for 
Search instead for 
Did you mean: 
looc
Level 7
Report Inappropriate Content
Message 1 of 1

McAfee ePolicy Orchestrator "logDetail()" Format String Vulnerability

http://www.frsirt.com/english/advisories/2008/0866

Title : McAfee ePolicy Orchestrator "logDetail()" Format String Vulnerability
Advisory ID : FrSIRT/ADV-2008-0866
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-03-13

Technical Description

A vulnerability has been identified in McAfee ePolicy Orchestrator, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a format string error in the "logDetail()" [applib.dll] and "_naimcomn_Log()" [nailog2.dll] function when logging user-supplied requests sent to port 8082/UDP, which could be exploited by remote unauthenticated attackers to crash an affected application or execute arbitrary code via a specially crafted request containing a malformed "sender" field.

Solution
FrSIRT is not aware of any vendor-supplied solution.

Credits
Vulnerability reported by Luigi Auriemma.

ChangeLog
2008-03-13 : Initial release