0 Replies Latest reply on Mar 13, 2008 12:50 PM by looc

    McAfee ePolicy Orchestrator "logDetail()" Format String Vulnerability

      http://www.frsirt.com/english/advisories/2008/0866

      Title : McAfee ePolicy Orchestrator "logDetail()" Format String Vulnerability
      Advisory ID : FrSIRT/ADV-2008-0866
      CVE ID : GENERIC-MAP-NOMATCH
      Rated as : Critical
      Remotely Exploitable : Yes
      Locally Exploitable : Yes
      Release Date : 2008-03-13

      Technical Description

      A vulnerability has been identified in McAfee ePolicy Orchestrator, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a format string error in the "logDetail()" [applib.dll] and "_naimcomn_Log()" [nailog2.dll] functions when logging user-supplied requests sent to port 8082/UDP, which could be exploited by remote unauthenticated attackers to crash an affected application or execute arbitrary code via a specially crafted request containing a malformed "sender" field.

      Solution
      FrSIRT is not aware of any vendor-supplied solution.

      Credits
      Vulnerability reported by Luigi Auriemma.

      ChangeLog
      2008-03-13 : Initial release
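
The bug class named under Technical Description, as an added C example that is not McAfee's code and not part of the advisory: a printf-style logging routine that receives a request field as its format string, beside the corrected call and a small triage check for logged fields. The function names, the buffer-based logger and the sample inputs are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style logger (stand-in, not the product's routine).
   Declaring such a function with __attribute__((format(printf, 3, 4)))
   lets GCC/Clang flag non-literal format arguments under
   -Wformat -Wformat-security. */
static int log_line(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);   /* fmt is interpreted here */
    va_end(ap);
    return len;
}

/* BEFORE: the network-supplied field is the format string itself, so any
   '%' directive inside it is interpreted by the formatter. */
int log_sender_unsafe(char *out, size_t n, const char *sender)
{
    return log_line(out, n, sender);
}

/* AFTER: constant format string; the field is only ever an argument and
   is copied byte for byte. */
int log_sender_safe(char *out, size_t n, const char *sender)
{
    return log_line(out, n, "sender=%s", sender);
}

/* Triage helper: returns 1 if a field contains a '%' that starts a
   conversion directive (anything other than the literal "%%"). */
int has_format_directive(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent sign, skip both */
            s++;
            continue;
        }
        return 1;
    }
    return 0;
}
```

With the constructed, harmless input `a%%b`, the first variant logs `a%b` because the formatter consumed the field as a format, while the second logs the field unchanged.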