Check Point Advisories

Preemptive Protection against McAfee HTTP Server Buffer Overflow Vulnerability

Check Point Reference: CPAI-2006-132
Date Published: 14 Nov 2006
Severity: High
Last Updated: Thursday 03 May, 2007
Source: FrSIRT/ADV-2006-3861
Industry Reference:CVE-2006-5156
US-CERT VU#842452
Protection Provided by:
Who is Vulnerable? McAfee ePolicy Orchestrator version 3.5.0 Patch 5 and prior
McAfee ProtectionPilot version 1.1.1 Patch 2 and prior
Vulnerability Description McAfee ePolicy Orchestrator provides proactive defense against malicious threats and attacks. McAfee ProtectionPilot is a centralized system security manager designed specifically for businesses with up to 500 systems.
A vulnerability has been reported in McAfee ePolicy Orchestrator and in McAfee ProtectionPilot. A remote attacker could exploit this vulnerability to deny service from legitimate users or to execute arbitrary code on an affected system.
Update/Patch AvaliableUpgrade to McAfee ePolicy Orchestrator 3.5 Patch 6 :
http://download.nai.com/products/patches/ePO/v3.5/EPO3506.zip

Upgrade to McAfee ProtectionPilot 1.1.1 Patch 3 :
http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.zip
Vulnerability DetailsThe vulnerability is due to a buffer overflow error in McAfee HTTP server that is used in McAfee products. The McAfee HTTP server fails to properly handle overly long 'source' headers. A remote attacker can trigger this vulnerability by sending a specially crafted HTTP packet with a long 'source' header to a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK