Update Protection against McAfee ePolicy Orchestrator Framework Services HTTP Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-127 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA29637 | |
| Industry Reference(s): | CVE-2008-1855 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? McAfee ePolicy Orchestrator 4.0 | ||
| Vulnerability Description A buffer overflow vulnerability was reported in the McAfee ePolicy Orchestrator (ePO) Framework Services. McAfee ePolicy Orchestrator is a central management system to enforce and monitor system security. A remote attacker could exploit this issue to execute arbitrary code on the affected system. |
||
|
Update/Patch Available Apply patch: McAfee Common Management Agent (CMA) 3.6.0 Patch 3 with HotFix 10 |
|
|
Vulnerability Details The vulnerability is due to a boundary error in the Framework Services when handling malformed HTTP requests. To trigger this flaw, an attacker can specially craft a malicious request and send it to the target host. Successful exploitation of this issue may cause a denial of service condition allowing execution of arbitrary code on the vulnerable system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block malformed HTTP requests.
In order for the protection to be activated, update your VPN-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.