There is a highly critical vulnerability in McAfee’s ePolicy Orchestrator. The description from Secunia follows:
Description:
cocoruder has reported some vulnerabilities in McAfee ePolicy Orchestrator and ProtectionPilot, which can be exploited by malicious people to compromise a user’s system.
The vulnerabilities are caused due to boundary errors within the SITEMANAGER.DLL ActiveX Control when processing arguments passed to the “ExportSiteList()” and “VerifyPackageCatalog()” methods. These can be exploited to cause stack-based buffer overflows via an overly long string passed as argument to the affected methods.
Successful exploitation allows execution of arbitrary code.
The vulnerabilities affect the following products:
* McAfee ePolicy Orchestrator 3.5.0 (Patch 5 and earlier)
* McAfee ePolicy Orchestrator 3.6.0 (Patch 5 earlier)
* McAfee ePolicy Orchestrator 3.6.1
* McAfee ProtectionPilot 1.1.1 (Patch 3 and earlier)
* McAfee ProtectionPilot 1.5.0
Solution:
Apply hotfix/patch.
https://mysupport.mcafee.com/eservice_enu/start.swe
Tags: McAfee, ePolicy Orchestrator Vulnerability, Remote Exploit
